Hosting ipv6 only website off a virtual machine

mr.b asked:

I have a IPv4-only debian server with virtualization enabled and a couple of VN’s running happily.

I asked for additional IPs from my provider, because I wanted to migrate existing site from another physical server into a VM, yet I wanted to have totally separate address for it, so it doesn’t get associated with the rest of the stuff hosted from the same server.

Their answer was something along the lines that IPv4 addresses are a scarce now, not to be given out lightly, and that RIPE needs a few questions answered before they let me have those IPs. One of their questions is whether or not have I considered running whatever-I-was-going-to-run-via-requested-ips using IPv6 address instead, which got me thinking…


  1. If I opt for hosting a IPv6-only website, will the site still be globally reachable by all customers? Something tells me that the short answer is “no”…
  2. Are there any pitfalls I’d need to watch out for when implementing real (not tunneled) IPv6 addresses inside of one of my bridged virtual machines?


My answer:

There are situations here where you can deploy IPv6 usefully.

As you’re certainly aware, any public-facing service such as your web server or mail server needs to have a public IPv4 address (and IPv6, of course). But other servers you may run don’t necessarily need a public IPv4 address.

I’ve been doing deployments of numbers of virtual machines in “the cloud” where only the public facing machine (i.e. the load balancer) gets a public IPv4 address, but all of the machines get IPv6 addresses. This actually simplifies things a bit since you no longer need a VPN or SSH tunnel to access any particular VM instance.

(You will run into problems, though, such as nrpe and cacti not having full IPv6 support…)

So give your IPv4 addresses to only those servers that really need it, and sprinkle your IPv6 addresses around liberally. You’ll be glad you did.

And remember your firewalls!

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.