"Fossies" - the Fresh Open Source Software Archive

Member "postfix-3.4.7/README_FILES/IPV6_README" (2 Aug 2012, 12077 Bytes) of package /linux/misc/postfix-3.4.7.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 PPoossttffiixx IIPPvv66 SSuuppppoorrtt
    2 
    3 -------------------------------------------------------------------------------
    4 
    5 IInnttrroodduuccttiioonn
    6 
    7 Postfix 2.2 introduces support for the IPv6 (IP version 6) protocol. IPv6
    8 support for older Postfix versions was available as an add-on patch. The
    9 section "Compatibility with Postfix <2.2 IPv6 support" below discusses the
   10 differences between these implementations.
   11 
   12 The main feature of interest is that IPv6 uses 128-bit IP addresses instead of
   13 the 32-bit addresses used by IPv4. It can therefore accommodate a much larger
   14 number of hosts and networks without ugly kluges such as NAT. A side benefit of
   15 the much larger address space is that it makes random network scanning
   16 impractical.
   17 
   18 Postfix uses the same SMTP protocol over IPv6 as it already uses over the older
   19 IPv4 network, and does AAAA record lookups in the DNS in addition to the older
   20 A records. Information about IPv6 can be found at http://www.ipv6.org/.
   21 
   22 This document provides information on the following topics:
   23 
   24   * Supported platforms
   25   * Configuration
   26   * Known limitations
   27   * Compatibility with Postfix <2.2 IPv6 support
   28   * IPv6 Support for unsupported platforms
   29   * Credits
   30 
   31 SSuuppppoorrtteedd PPllaattffoorrmmss
   32 
   33 Postfix version 2.2 supports IPv4 and IPv6 on the following platforms:
   34 
   35   * AIX 5.1+
   36   * Darwin 7.3+
   37   * FreeBSD 4+
   38   * Linux 2.4+
   39   * NetBSD 1.5+
   40   * OpenBSD 2+
   41   * Solaris 8+
   42   * Tru64Unix V5.1+
   43 
   44 On other platforms Postfix will simply use IPv4 as it has always done.
   45 
   46 See below for tips how to port Postfix IPv6 support to other environments.
   47 
   48 CCoonnffiigguurraattiioonn
   49 
   50 Postfix IPv6 support introduces two new main.cf configuration parameters, and
   51 introduces an important change in address syntax notation in match lists such
   52 as mynetworks or debug_peer_list.
   53 
   54 Postfix IPv6 address syntax is a little tricky, because there are a few places
   55 where you must enclose an IPv6 address inside "[]" characters, and a few places
   56 where you must not. It is a good idea to use "[]" only in the few places where
   57 you have to. Check out the postconf(5) manual whenever you do IPv6 related
   58 configuration work with Postfix.
   59 
   60   * Instead of hard-coding 127.0.0.1 and ::1 loopback addresses in master.cf,
   61     specify "inet_interfaces = loopback-only" in main.cf. This way you can use
   62     the same master.cf file regardless of whether or not Postfix will run on an
   63     IPv6-enabled system.
   64 
   65   * The first new parameter is called inet_protocols. This specifies what
   66     protocols Postfix will use when it makes or accepts network connections,
   67     and also controls what DNS lookups Postfix will use when it makes network
   68     connections.
   69 
   70         /etc/postfix/main.cf:
   71             # You must stop/start Postfix after changing this parameter.
   72             inet_protocols = ipv4       (DEFAULT: enable IPv4 only)
   73             inet_protocols = all        (enable IPv4, and IPv6 if supported)
   74             inet_protocols = ipv4, ipv6 (enable both IPv4 and IPv6)
   75             inet_protocols = ipv6       (enable IPv6 only)
   76 
   77     By default, Postfix uses IPv4 only, because most systems aren't attached to
   78     an IPv6 network.
   79 
   80       o On systems with combined IPv4/IPv6 stacks, attempts to deliver mail via
   81         IPv6 would always fail with "network unreachable", and those attempts
   82         would only slow down Postfix.
   83 
   84       o Linux kernels don't even load IPv6 protocol support by default. Any
   85         attempt to use it would fail immediately.
   86 
   87     Note 1: you must stop and start Postfix after changing the inet_protocols
   88     configuration parameter.
   89 
   90     Note 2: if you see error messages like the following, then you're running
   91     Linux and need to turn on IPv6 in the kernel: see http://www.ipv6.org/ for
   92     hints and tips. Unlike other systems, Linux does not have a combined stack
   93     for IPv4 and IPv6, and IPv6 protocol support is not loaded by default.
   94 
   95         postconf: warning: inet_protocols: IPv6 support is disabled: Address
   96         family not supported by protocol
   97         postconf: warning: inet_protocols: configuring for IPv4 support only
   98 
   99     Note 3: on older Linux and Solaris systems, the setting "inet_protocols =
  100     ipv6" will not prevent Postfix from accepting IPv4 connections. Postfix
  101     will present the client IP addresses in IPv6 format, though. In all other
  102     cases, Postfix always presents IPv4 client IP addresses in the traditional
  103     dotted quad IPv4 format.
  104 
  105   * The other new parameter is smtp_bind_address6. This sets the local
  106     interface address for outgoing IPv6 SMTP connections, just like the
  107     smtp_bind_address parameter does for IPv4:
  108 
  109         /etc/postfix/main.cf:
  110             smtp_bind_address6 = 2001:240:587:0:250:56ff:fe89:1
  111 
  112   * If you left the value of the mynetworks parameter at its default (i.e. no
  113     mynetworks setting in main.cf) Postfix will figure out by itself what its
  114     network addresses are. This is what a typical setting looks like:
  115 
  116         % postconf mynetworks
  117         mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [fe80::]/10 [2001:
  118         240:587::]/64
  119 
  120     If you did specify the mynetworks parameter value in main.cf, you need
  121     update the mynetworks value to include the IPv6 networks the system is in.
  122     Be sure to specify IPv6 address information inside "[]", like this:
  123 
  124         /etc/postfix/main.cf:
  125             mynetworks = ...IPv4 networks... [::1]/128 [2001:240:587::]/64 ...
  126 
  127 NNOOTTEE:: wwhheenn ccoonnffiigguurriinngg PPoossttffiixx mmaattcchh lliissttss ssuucchh aass mmyynneettwwoorrkkss oorr
  128 ddeebbuugg__ppeeeerr__lliisstt,, yyoouu mmuusstt ssppeecciiffyy IIPPvv66 aaddddrreessss iinnffoorrmmaattiioonn iinnssiiddee ""[[]]"" iinn tthhee
  129 mmaaiinn..ccff ppaarraammeetteerr vvaalluuee aanndd iinn ffiilleess ssppeecciiffiieedd wwiitthh aa ""//ffiillee//nnaammee"" ppaatttteerrnn..
  130 IIPPvv66 aaddddrreesssseess ccoonnttaaiinn tthhee ""::"" cchhaarraacctteerr,, aanndd wwoouulldd ootthheerrwwiissee bbee ccoonnffuusseedd wwiitthh
  131 aa ""ttyyppee::ttaabbllee"" ppaatttteerrnn..
  132 
  133 KKnnoowwnn LLiimmiittaattiioonnss
  134 
  135   * Postfix SMTP clients before version 2.8 try to connect over IPv6 before
  136     trying IPv4. With more recent Postfix versions, the order of IPv6 versus
  137     IPv4 outgoing connection attempts is configurable with the
  138     smtp_address_preference parameter.
  139 
  140   * Postfix versions before 2.6 do not support DNSBL (real-time blackhole list)
  141     lookups for IPv6 client IP addresses.
  142 
  143   * IPv6 does not have class A, B, C, etc. networks. With IPv6 networks, the
  144     setting "mynetworks_style = class" has the same effect as the setting
  145     "mynetworks_style = subnet".
  146 
  147   * On Tru64Unix and AIX, Postfix can't figure out the local subnet mask and
  148     always assumes a /128 network. This is a problem only with
  149     "mynetworks_style = subnet" and no explicit mynetworks setting in main.cf.
  150 
  151 CCoommppaattiibbiilliittyy wwiitthh PPoossttffiixx <<22..22 IIPPvv66 ssuuppppoorrtt
  152 
  153 Postfix version 2.2 IPv6 support is based on the Postfix/IPv6 patch by Dean
  154 Strik and others, but differs in a few minor ways.
  155 
  156   * main.cf: The inet_interfaces parameter does not support the notation "ipv6:
  157     all" or "ipv4:all". Use the inet_protocols parameter instead.
  158 
  159   * main.cf: Specify "inet_protocols = all" or "inet_protocols = ipv4, ipv6" in
  160     order to enable both IPv4 and IPv6 support.
  161 
  162   * main.cf: The inet_protocols parameter also controls what DNS lookups
  163     Postfix will attempt to make when delivering or receiving mail.
  164 
  165   * main.cf: Specify "inet_interfaces = loopback-only" to listen on loopback
  166     network interfaces only.
  167 
  168   * The lmtp_bind_address and lmtp_bind_address6 features were omitted. The
  169     Postfix LMTP client will be absorbed into the SMTP client, so there is no
  170     reason to keep adding features to the LMTP client.
  171 
  172   * The SMTP server now requires that IPv6 addresses in SMTP commands are
  173     specified as [ipv6:ipv6address], as described in RFC 2821.
  174 
  175   * The IPv6 network address matching code was rewritten from the ground up,
  176     and is expected to be closer to the specification. The result may be
  177     incompatible with the Postfix/IPv6 patch.
  178 
  179 IIPPvv66 SSuuppppoorrtt ffoorr uunnssuuppppoorrtteedd ppllaattffoorrmmss
  180 
  181 Getting Postfix IPv6 working on other platforms involves the following steps:
  182 
  183   * Specify how Postfix should find the local network interfaces. Postfix needs
  184     this information to avoid mailer loops and to find out if mail for user@
  185     [ipaddress] is a local or remote destination.
  186 
  187     If your system has the getifaddrs() routine then add the following to your
  188     platform-specific section in src/util/sys_defs.h:
  189 
  190         #ifndef NO_IPV6
  191         # define HAS_IPV6
  192         # define HAVE_GETIFADDRS
  193         #endif
  194 
  195     Otherwise, if your system has the SIOCGLIF ioctl() command in /usr/include/
  196     */*.h, add the following to your platform-specific section in src/util/
  197     sys_defs.h:
  198 
  199         #ifndef NO_IPV6
  200         # define HAS_IPV6
  201         # define HAS_SIOCGLIF
  202         #endif
  203 
  204     Otherwise, Postfix will have to use the old SIOCGIF commands and get along
  205     with reduced IPv6 functionality (it won't be able to figure out your IPv6
  206     netmasks, which are needed for "mynetworks_style = subnet". Add this to
  207     your platform-specific section in src/util/sys_defs.h:
  208 
  209         #ifndef NO_IPV6
  210         # define HAS_IPV6
  211         #endif
  212 
  213   * Test if Postfix can figure out its interface information.
  214 
  215     After compiling Postfix in the usual manner, step into the src/util
  216     directory and type "mmaakkee iinneett__aaddddrr__llooccaall". Running this file by hand should
  217     produce all the interface addresses and network masks, for example:
  218 
  219         % make
  220         % cd src/util
  221         % make inet_addr_local
  222         [... some messages ...]
  223         % ./inet_addr_local
  224         [... some messages ...]
  225         ./inet_addr_local: inet_addr_local: configured 2 IPv4 addresses
  226         ./inet_addr_local: inet_addr_local: configured 4 IPv6 addresses
  227         168.100.189.2/255.255.255.224
  228         127.0.0.1/255.0.0.0
  229         fe80:1::2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
  230         2001:240:587:0:2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
  231         fe80:5::1/ffff:ffff:ffff:ffff::
  232         ::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
  233 
  234     The above is for an old FreeBSD machine. Other systems produce slightly
  235     different results, but you get the idea.
  236 
  237 If none of all this produces a usable result, send email to the postfix-
  238 users@postfix.org mailing list and we'll try to help you through this.
  239 
  240 CCrreeddiittss
  241 
  242 The following information is in part based on information that was compiled by
  243 Dean Strik.
  244 
  245   * Mark Huizer wrote the original Postfix IPv6 patch.
  246 
  247   * Jun-ichiro 'itojun' Hagino of the KAME project made substantial
  248     improvements. Since then, we speak of the KAME patch.
  249 
  250   * The PLD Linux Distribution ported the code to other stacks (notably USAGI).
  251     We speak of the PLD patch. A very important feature of the PLD patch was
  252     that it can work with Lutz Jaenicke's TLS patch for Postfix.
  253 
  254   * Dean Strik extended IPv6 support to platforms other than KAME and USAGI,
  255     updated the patch to keep up with Postfix development, and provided a
  256     combined IPv6 + TLS patch. Information about his effort can be found on
  257     Dean Strik's Postfix website at http://www.ipnet6.org/postfix/.
  258 
  259   * Wietse Venema took Dean Strik's IPv6 patch, merged it into Postfix 2.2, and
  260     took the opportunity to eliminate all IPv4-specific code from Postfix that
  261     could be removed. For systems without IPv6 support in the kernel and system
  262     libraries, Postfix has a simple compatibility layer, so that it will use
  263     IPv4 as before.
  264