See INC0164829 (for pinger and INC0176266 for www3)
pinger.slac.stanford.edu and www3.slac.stanford.edu
A quick test to see if the host has full IPv6 capability is to run traceroute6
...
- Had to get subnet enabled for IPv6 - Mark.
- To find subnet for the host (e.g. pinger) use NetDB (or ping, or ifconfig on actual host) to find IPv4 address
- Use http://network.slac.stanford.edu/subnets to find list of subnets
- Enter first 3 octets of the host (e.g. 134.79.197.) in the filter
- Taylor blocks ipv6 by default for security reasons, so had to request to enable IPv6 for pinger in Taylor (INC0175010) - Karl
for taylor.opts on a linux server, I believe would look something like ipv6addr=2620:114:d000:25a1::80/64,2620:114:d000:25a1::1
- Modifications to the PAN rules - Kent
- It will need an IPv6 address in NetDB
It may seem to have an IPv6 address by looking at ifconfig you may see
Code Block eth0 Link encap:Ethernet HWaddr 00:50:56:BE:3D:4C inet addr:134.79.197.214 Bcast:134.79.197.255 Mask:255.255.255.128 inet6 addr: 2620:114:d000:2716:250:56ff:febe:3d4c/64 Scope:Global inet6 addr: fe80::250:56ff:febe:3d4c/64 Scope:Link
The global ipv6 addr which is currently configure on this host is probably the slaac (auto configured) from the router.
If the last couple octets look like a MAC address (versus zero or a very small number), then the address was almost certainly auto configured.The other way to convince yourself is to look at the DNS record for the given system (e.g. “host www3”). If there is no IPv6 address displayed, then the address got autoconfigured.
Code Block 447cottrell@rhel6-64f:~$host www3 www3.slac.stanford.edu has address 134.79.197.214
If it does not have an IPv6 address then we have to assign one from the relevant range (e.g. for www3)
Code Block ksa@cdlogin3 $ /afs/slac/g/scs/net/bin/subnet all | grep SERV01-DMZ-WEBSERV 134.79.197.128 SERV01-DMZ-WEBSERV 134.79.197.129 255.255.255.128 Serv01 Web Servers DMZ (vlan 1814) 2620:114:d000:2716:: SERV01-DMZ-WEBSERV 2620:114:d000:2716::1 ffff:ffff:ffff:ffff:: Serv01 Web Servers DMZ (vlan 1814)
To test:
Code Block ksa@www3 $ curl -I -v www3 * About to connect() to www3 port 80 (#0) * Trying 2620:114:d000:2716::8... connected * Connected to www3 (2620:114:d000:2716::8) port 80 (#0) [?]
pinger2.pl
Modified to enable both the hostname and IPv6 address to be the same.
traceroute.pl
Modified to make work on Solaris and Linux:
my $version="7.3, 12/13/2017, Les Cottrell";
# Added \[\] to untainting of dig command. Appears to be needed for IPv6.
# Do not avoid testing internal domains if server is IPv6 host,
# Added avoid calling gethostbyname6 if hostname is already an ipv6 address
# Fixed how Solaris mis-interprets system(@args) sometimes (saw in IPv6)
getdata.pl
Created nodes-ipv6.pl to add the PingER IPv6 MA 2001:da8:270:2018:f816:3eff:fef3:bd3. See here for addition.
Copied getdata.pl to getdata-ipv6.pl and modified to use the /afs/slac/package/pinger/nodes-ipv6.cf file and write to the /nfs/slac/g/net/pinger/pingerdata/ipv6/data/ directory when running getdata-ipv6.pl 2001:da8:270:2018:f816:3eff:fef3:bd3 2017-12-19 1. Also replaced IPv4 address checks with sub chck_ip{} to test for both IPv4 and IPv6 addresses.
APEX/Oracle user interface to PingER NODEDETAILS database
This does not accept IPv6 Addresses, see INC0176849 and INC0176966. APEX doesn't like colon(:) in primary key column values. Primary key value is passed in the URL as a parameter and APEX parameters are separated by colons (:), which is causing the issue. Venkat provided a workaround. We will test this on the Oracle SLACDEV2 (SLACPROD is the production version) test database. The connection to the database is defined in: /afs/slac/package/pinger/oracleArchive/netratDb.pm
...
The password is kept in a protected file. The password on SLACDEV2 was changed to match the one on SLACPROD
XML file at Guanhzhou
See here. Currently, it contains random pingable IPv6 addresses as I have taken it from http://www.ipv6forum.com/ipv6%5fenabled/approval%5flist.php
SLAC Hosts with IPv6 support
Pinger (Linux), www1 (Solaris), www3 (Linux), nospam2-out (Linux), pinger
...