The Quest for IPv6 on OES2
@ Adrian Tritschler · Friday, May 7, 2010 · 5 minute read · Update at May 7, 2010 ·

After spending a fascinating afternoon with IPv6 and Novell OES2 and a myriad of manuals, technical notes and endless searches through forums I thought it time to try and separate the reality from the promise and write up what I found out about IPv6.

Starting with two IPv6-enabled workstations; one running Ubuntu linux (32bit, 10.04) and the other Windows XPsp3 with the Microsoft IPv6 protocol enabled, how far can I get? Both workstations can ping6 each other and both can make SSH and HTTP connections to both on-campus and off-campus systems over IPv6. (The linux system using OpenSSH, firefox and chrome, the Windows system using PuTTY, firefox and chrome). Novell connectivity is provided by ncpfs on the linux system, Novell client 4.91sp4 (??check??) on Windows XP.

IPv6 is enabled by default on an OES2 box when installed – ours were installed as OES2/SLES10sp2 then later upgraded to OES2sp2/SLES10sp3. The basic configuration available through yast is to either enable or disable the protocol – that’s it. The OES2 servers then come up with an autoconfigure address and if you’re a fan of long unwieldy numbers, I can ping6 the address immediately because our network infrastructure people have ensured that we have a working IPv6 as well as IPv4 network, and my linux workstations have both protocols available. The fun then starts when you try to make the OES2 server use IPv6 rather than just have IPv6 available as a kind of bragging point.

A quick visit to the management front end of our DNS system and tick-a-box to say that the OES2 servers are using “auto” on the IPv6 network, magic occurs in the background, and the DNS now serves AAAA records allowing us to use host names from now on. Confirmed by a quick ping6 oes2svrFQDN

So what services on the OES2 box will actually use IPv6 by default, and which other ones can I configure to do so?

By default on an OES2sp1 box it looks as though Apache and sshd are listening, netstat on the server shows us what ports are open:

$ netstat -an |grep "::.*LISTEN"
tcp        0      0 :::80                   :::*                    LISTEN
tcp        0      0 :::9009                 :::*                    LISTEN
tcp        0      0 :::22                   :::*                    LISTEN
tcp        0      0 ::1:25                  :::*                    LISTEN
tcp        0      0 :::443                  :::*                    LISTEN

I’ve confirmed both SSH and HTTP are available over IPv6 as both ssh and firefox or chrome on the linux workstation default to making IPv6 connections to this box. Unsure what is using port 9009 (tomcat I suspect), 25 is the postfix implementation listening internally. Pointing an IPv6-enabled browser at the OES2 server gets the standard Novell front page, then we can find out what protocol we used:

$ netstat -an |grep ":80"
Password:
tcp        0      0 0.0.0.0:8008            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8009            0.0.0.0:*               LISTEN
tcp        0      0 130.194.x.y:8028      0.0.0.0:*               LISTEN
tcp        0      0 130.194.x.y:8030      0.0.0.0:*               LISTEN
tcp        0      0 :::80                   :::*                    LISTEN
tcp        0      0 2001:388:...:80 2001:388:...:41206 TIME_WAIT

Likewise, ssh to the OES2 server from the linux workstation, then check whether we’re using SSH (port 22) on IPv4 or IPv6:

$ ssh oes2svrFQDN netstat -an |grep ":22"
Password:
tcp        0      0 130.194.8.113:524       130.194.8.114:22606     ESTABLISHED
tcp        0      0 :::22                   :::*                    LISTEN
tcp        0   1072 2001:388:608c:888:25:22 2001:388:608c:488:59561 ESTABLISHED

Sadly, that seems to be about it. All the core Novell services; eDirectory, NCP file access, NRM all seem to only use IPv4 and not to be configurable to use IPv6. I may be mistaken, but so far I’ve not been able to make them work.

Protocols/Products

SSH

Works. Both the linux OpenSSH and Windows PuTTY implementations default to asking the DNS for AAAA records first and using IPv6 if available.

Apache

Works. Both the linux firefox and chrome, and Windows XP firefox and chrome implementations default to asking the DNS for AAAA records first and using IPv6 if available.

TODO: test IE7 access on Windows XP

The default Novell front-page offers little other than links to other services;

  • iManager: continues to work on IPv6
  • iMonitor: defaults back to IPv4 using port 8030
  • NRM: defaults back to IPv4, using ports 8008 and 8009

eDirectory

With LDAP available on the OES2 box, port 389 is open on IPv4 but not on IPv6.

Attempting to add IPv6 addresses to the n4u.server.interfaces entry in /etc/opt/novell/eDirectory/conf/nds.conf appears to have no affect. The specified port does not show up in the netstat open ports list and no connection can be made to the port from the linux or Windows XP workstations.

Two servers on the same subnet, both with IPv6 enabled and capable of contacting each other over IPv6 via HTTP and SSH, only IPv4 is used for NCP connections between the servers.

NCP

A Windows XP workstation with a working IPv6 stack; capable of contacting the IPv6 OES2 server via HTTP (firefox and chrome) and SSH (PuTTY) over IPv6, uses IPv4 for Novell drive connections and all other NCP connections to the OES2 server (Novell client 4.91sp1)

One cryptic comment in the source for ncpfs could be read to imply that there is an NCP implementation available that uses IPv6, but that it is not available to the public.

NRM / HTTPSTK

The addresses used are specified in /etc/opt/novell/httpstkd.conf, but no examples are given of IPv6 configurations and I was unable to find one by experimentation.

Summary

Seems there’s some way to go, or at the very least, that I’ve got a considerable number of manuals to read to try and locate the vital nuggets of information.

Frustratingly, the majority of searches regarding IPv6 seem to turn up documents simply telling people to “disable IPv6 due to issues” in very hand-waving voodoo way, without specifying the “issues” (ie problems) that were experienced.

Adrian Tritschler's stuff
My website, an agglomerative mess, probably half-eaten by a gru

1960s 2016 2017 2018 2019 2020 2021 250cc 30daysofbiking 3pbs 3rrr 403 404 4wd 9-11 a1000 a4000 aaac aabill aac abbotsford act additives adsl adventure advertising afl agf agl airline airport ajft alley amazon ambulance amiga amiga1000 amiga4000 amys-ride angkor-wat anniversary antelope anzac apollo apple aps archicentre architecture armour aroundtuit art artwork ascension-records asus atbiad atomic attic au audax aus auspost australia australia-post autoconfiguration autumn avatar avebury baboon baby backup ballarat balloon bandcamp bank barbecue bath bbq beach beer beijing benchmark benwerrin beryl bialetti bicycle bicycle-lane bigpond bigride bike-touring bikelane bikepath bikevic bingo bionicle bird birding birdingathome birds birthday bitcoin bite blackout blade blog blogmax blogx blondie blossom blosxom bluestone bluetooth bmw bnsw boardgame boat boobs book bookmark books bouncy-castle bp breakdown breakfast brewery bridge bridge-road briefcase bright broadband brolga bromeliad brothel bsd buddy bugger-grips builder bulky bullant bund bungendore bureaucracy bus bus-lane bushwalking butterfly buzzword bv cactus cafe cake calculator callistemon cambodia camera cameron camping cannondale canon cappuccino cappucino car carnegie casio cat caterpiller cbx cbx750 cbx750f cd cemetery censorship centro cereal chadstone challenge change chef childhood chilli china chn chocolate christening christmas church cicada cider cigarettebutts civet clayton cm cms cockatoo coco coffee coffeemug coffeeneuring coffeeneuring2020 coffeepot cold collision colnago comedy comet commonwealth-games commute commuting compiz computer concrete confusion connex coral corn couch court coworker crab crawl cremorne crime critical-mass crossstitch crumpler css ctc ctw2850s curry custard customer-service cycle-path cycle-touring cycling cycliq cyclist cyclops dalek dandenongs date death debian demo demo-scene demolition dentist derailment desk developer development dial-up dig digitisation digitise dinner disaster disgusting disk disqus distributed dizzy djerring-trail djerringtrail docbook dog dogs door dooring dorset dragon dragster dream driving drumming dtt duck dungeon durrell dvd dvico dyndns e-text e18 easyshare echidna edge edge305 edge705 egret electronics elephant elevenses emacs email endomondo engagement england english engrish environment eric-newby error erskine-river esp estuary evening excom exif exiftool f3jr f3jv facebook fafnir fail2ban failure falcon family fancy fancy-dress fault feet fence festival fiat fiat-500 fiat500 fidel filter fire firefox firmware fish fishandchips fitbit fitzroy fixie flex flickr float flood floriade flower fly12 foaf fog food footy for-sale fotothing fountain fra fragile france freebsd friday friendship frog frogmouth frost froty fruit fruittoast fungi gadabunud gadubanud gang-gang gansu garbage garden gardening garfish gariwerd garmin gas gbr geelong genres geocache geocaching geography geotagged getoffmylawn gibberish gig gippsland giraffe girlfriend glass glen-waverley gmail gnome gnuplot goanna goat goatbeer golang goodreads goofey google gor gorse government gplus gps gpx grammar gravelroad grddl greatsouthernrailtrail grenda gru grub gsrt gsx1000z gtd guinness guns gunzel gvbr gyroscope h1n1 habit hail hardware harvest hat hdtv heatwave helicopter heraldsun hfbv hide hiking hippo history holiday honda honeymoon hope hospital hot hotel hrb hsfff huffy hug hughesdale hugo hume-highway humour huntingdale hyundai ibis ibm icon identity idiot ikea imagemagick imap incentivise incompetence indieweb inferno injury ink inktob2020 inktober inktober2020 insect instagram intel interest internode intrepidtravel invitation iot iphone ipod iptc ipv6 iso8601 issue itch itsp itunes ixus ixus300 ixus700 jaywalker jekyll jersey jey journal jrb june justice justjoey kangaroo katana kawasaki kay-and-burton kde kellybrook kings-couriers kneejerk knitting kodak kookaburra kubernetes kudu ladder lake laneway laneways laptop lastfm lawyer leather lego lemon lemons leslie-charteris lifelogging light lighthouse lilo limar limes linkrot linux lion litter lizard location lockdown logrotate lorne lroty lufthansa lunch lunchbreak lvm lxra lysterfield macciato machine_tags machinery magazine maglev magnolia magpie map mapping marksense markup matches mathjax mathml mattress maze mbtc mc6809 mc6809e meerkat mekong melbourne melburn melburn-roobaix meme memolane memories metadata microformats microk8s microsoft millpond miniadventure minutae mist mlp mobile-phone modem monash monash-city-council monash-university monday monitoring monument moon mooramong mortality motionbased motorbike motorcycle motorcycling motorist motorola movie movies mozilla mrtg msi mtb mug mural murder murrumbeena muse muse-mode mushrooming music mycommute mysql names nanoadventure national-trust nbn neighbour nest netbook netbsd netware network newspaper nigeria nightworks nocleanfeed nofilter noise nomnomnom noneshallpass norco norky-bike north-road nostalgia notebook novell nsw nvidia nye nzl oakleigh obesity obituary obp obstruction oes2 oldcar ominous onenet open-tabs openbsd openid openindiana openphoto opensolaris opml oranges org-mode ostrich otter otways outage outpost owl oww oxford p100 palm-pilot panda paperwork parenting park parking parrot passbox pasta pbs pc pc3000 pc3121 pc3166 pc3232 pc3800 pentium pentium-iv peregrine perentie perl pesos pet petrol peugeot philosophy phone photo photograph photography photos php picasa picnic piggies pii piii piv pixelfed pizza plan9 plogging plu podargus podargus-strigoides poem police politics pollution portugal possum postcard postnuke pothole power ppp prawn probe problem proofreading prt pub pubs puck pumpkin pun punchcards puncture pyblosxom qantas qdos qfl qnx qotd r-class r707 radius raido rail-trail railtrail railway rain rainbow rainfall ramones random rant rc17 rdf rdup reading reading-books-rdf real-estate realestate recipe redevelopment renovation rent renting repair repairs reptile restaurant retrocomputing review rhino richmond ride2work ridetoworkday ring ringtail rip ritual river road-rage roadrage robot rocket rockpool rockshox rodent rose roundabout rowing rrd rrdtool rrr rss rta rtabigride rtfm rtwd rubbish ruby ruins russian-women samba samsonite sasl sbs scam scanning scent schmap science scribble script sculpture seabird seaslug security self-reference sensationalism sgml shakespeare shark shimano shoes shopping shopping-trolley sign signwriting silverbirch singing singlespeed sink site site-news site-stuff skateboard skink skink-link skip skyrail slashdot sleep sles sles10 slippery smarthome smidsy smog smoke smoker sneakernet snow snow-train social-media software solstice soup souvenir spain spam spelling spider spiegeltent spotify spotty-bike spring springer ssh stagecoach station-trail steam-engine storage storm storm-trooper storytlr strava stupidity submarine suburbia summer sunrise sunset supergirl supertuesday support surveillance survey suzuki svg switzerland t-shirt tag tagging taikoz tandem tax taxi tdf teac teamrc17 technicomps technology teeth telemarketing telephone television telstra tent terrorism the-saint the-slog theftbyfinding theme throw thunderstorm thursday ti ti99a tomato touring tourism towel toys tradesman traffic trailgator train-spotter tram trap travel trek trek-t50 tritschler trivia trovebox tunnel tv tvix twat-o-tron twitter typo ubuntu ugliness ui uk uluru unprecedented update upgrade uptime usb vandalism vcr vegemite vhs vic vicroads victoria video vietnam virus vista visualisation vitriol vline vlocity vmware vpn vpnc walking warranty wasp water water-meter waterfall wearegoingawol weather web webcam webfinger wedding wellbeing wemo wetlands wfh whatcouldpossiblygowrong wideopenroad wifi wig wildebeeste wildoz win2000 wind window windows windows7 windy wine winery winxp wired wisp witness wor wordplay workflow www wyvern xemacs xml xp xrd xsl xslt yak yellow yumcha zaf zebra zfs zoo zope zorse

© 1984 - 2021 Adrian Tritschler

Powered by Hugo with theme Dream.

About

ajft looking stylish and black

…The Owner

There’s not much more I can add to who I am.

…The Site

I experiment. I play. I write and I take pictures. Some of the site is organised around topics, other parts are organized by date, then there’s always the cross-references between them.

Long ago it started as a learning experiment with a few static HTML pages, then I added a bit of server-side includes and some very ugly PHP. A hand-built journal/blog on top of that PHP, then a few experiments in moving to various static publishing systems. I’ve never wanted a database-based blogging engine, so over the years I’ve tried php, nanoblogger, emacs-muse, silkpage and docbook before settling on emacs org-mode for writing and jekyll for publishing. But the itch remained… I never really liked jekyll and the ruby underneath always seemed so much black magic. So now the latest incarnation is org-mode and hugo.

…The ISP

…The Grue