Apache Talking IPv6
IP version 6 (IPv6) is the newest version of the Internet Protocol, designed by the IETF as a successor to IP version 4 (IPv4). In this article, we address the case of running the Apache web server over IPv6.
According to the Netcraft web server survey, Apache has been the most popular web server on the Internet since April 1996. Currently, over 56% of all web servers run Apache. These numbers come as no surprise due to Apache's portability over multiple platforms, reliability, robustness, configurability, and the fact that it is free and well documented.
Apache 1.3 has established itself as a high-performance web server. However, with the evolution of requirements imposed on web servers, new functionalities, such as higher reliability, security and performance and scalability are required. In response, Apache continued its drive to satisfy these new requirements with version 2.0, promising a more robust and faster web server with new and enhanced functionalities.
Apache 2.0 offers numerous performance improvements (the subject of an article I wrote for the Linux Journal web site, www.linuxjournal.com/articles/4559). However, as far as this article is concerned, one of the new features is support for IPv6. With the 2.0 version, if you run Apache on systems where IPv6 support exists, Apache gets IPv6 listening sockets by default. Additionally, the Listen, NameVirtualHost and VirtualHost directives also support IPv6 numeric address strings.
In the following sections, we demonstrate how to add support for IPv6 in the Linux kernel and then show how to install the latest Apache version and run it with IPv6 support. We also run some benchmarking tests to compare the performance of the same server servicing requests using IPv4 and IPv6.
In this section, we briefly describe how to enable IPv6 in the Linux kernel, a prerequisite to enable IPv6 HTTP requests. You may already have IPv6 support in your kernel [see page 64]. To add it, the first step is to download a stable Linux kernel and uncompress it. For our testing we downloaded kernel 2.4.8 from kernel.org.
We configured the kernel to enable support for IPv6. There are two options you need to enable. In the Code Maturity Level section, you need to enable "Prompt for development and/or incomplete code/drivers".
And in the Networking Options section, you need to enable "IPv6 Protocol (EXPERIMENTAL)".
You can choose to compile the IPv6 support within the kernel or as a separate module, depending on your preference. After that, compile and install the kernel and modules as usual, then reboot with IPv6 support.
See the Kernel HOWTO for details on the kernel build and install process (www.tldp.org/HOWTO/Kernel-HOWTO.html).
Now that your kernel supports IPv6, you are ready to install Apache and run it with IPv6 support. First, download the latest Apache distribution from www.apache.org/dist/httpd into /tmp. For illustrative purposes we use Apache 2.0.16; however, the same procedure applies to newer versions. Extract the source:
cd /tmp tar xzvf httpd-2_0_16-beta.tar.gz
which will create a new directory, httpd-2_0_16, containing the source code. To configure Apache for your platform and specific requirements, use the configure script included in the root directory of the distribution. You should cd into the httpd-2_0_16 directory and type ./configure at the shell prompt. If you want to know all the options you could pass to the configuration script, type ./configure --help. To change the default options, the configure script accepts a variety of variables and command-line options. One of the options is the location prefix where Apache is to be installed. By default, Apache will install into /usr/local/apache. If you want to install Apache in /usr/local/apache-2_0_16, for instance, type:
./configure --prefix=/usr/local/apache-2_0_16The same applies for other options. When configure is run it will take a few seconds to test for the availability of features on your system and build Makefiles that will be used to compile the server. After running the configuration script, you can build the various parts that form the Apache package by running make && make install. This will compile Apache and install all the files in /usr/local/apache-2_0_16. The next step is to customize the Apache HTTP server by editing the httpd.conf file under /usr/local/apache-2_0_16/conf or, if you have used a different prefix, under prefix/conf/:
vi prefix/conf/httpd.confThe must-edit configuration variables include ServerAdmin, your e-mail address (so you will be alerted in case the server has problems); ServerName, the name or IP of the server; and Port, the port to which the server should listen.
The httpd.conf comes with a lot of explanations, and it is easy to read, understand and customize. However, if you need more details on the configuration directives, you can read the Apache manual either locally under the docs/manual/ in the Apache installation directory or on the Web at httpd.apache.org/docs.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- The US Government and Open-Source Software
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- Varnish Software's Hitch
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide