adding IPv6 to an existing IPv4-only 'high-perf' nginx ... Pressflow web-stack?

Events happening in the community are now at Drupal community events on www.drupal.org.
_-.'s picture
Posted by _-. on May 14, 2011 at 4:08pm

(moved from http://groups.drupal.org/node/148319)

our current web stack is an all IPv4, DIY implementation of,

    nginx
        multiple listeners on IPv4:80, IPv4:443
        proxypass to varnish-cache on 127.0.0.1:9000
      |
      |
    varnish-cache
        listener on 127.0.0.1:9000
        filter/pass to 'faux-CDN' on Apache2
            'img' -> 127.0.0.1:12003
            'css' -> 127.0.0.1:12002
            'js'  -> 127.0.0.1:12001
            '...' -> 127.0.0.1:12000
      |
      |
    apache2/mod_php,mod_deflate +
    Pressflow6/memcached(cache_inc/session_inc/lock_inc)
        listeners/vhosts on 127.0.0.1:1200{0,1,2,3}

all works as planned.

we're now adding IPv6 listeners on assigned AAAA records @ each nginx "server {..." for dual-stack operation,

    nginx
-       multiple listeners on IPv4:80, IPv4:443
+-      multiple listeners on IPv4/IPv6:80, IPv4/IPv6:443

questions:

what other parts in the stack need to change to accommodate IPv6 and keep caching, Pressflow, etc working?

does each after-nginx component need a mirrored/parallel IPv6-only instance?

or, simply add IPv6 listeners to the current IPv4 listeners?

or, leave it all alone, depending only on the nginx proxy pass to correctly hand-off to the chain, regardless of the inbound address family, -6 or -4?

Categories: , , , , ,

Comments

Nginx supports

Posted by perusio on May 17, 2011 at 3:02pm
perusio's picture

both hybrid and separate sockets. There's the ipv6only=on parameter of the listen directive for specifying dual stack, meaning sockets for IPv4 and IPv6 are separate. In Linux AFAIK the default is hybrid in FreeBSD the default is separate.

that's not my question, but

Posted by _-. on May 17, 2011 at 3:45pm
_-.'s picture

that's not my question, but sure -- e.g., hybrid config in nginx uses,

server{
...
listen 80;
listen [::]:80 ipv6only=on;
...
}

my question is about the rest of the stack, after nginx, when nginx listens for both IPv4/6 listeners, in either 'hybrid' or 'separate' modes.

specifically, does a IPv6-listener instance in nginx need to proxypass to a standalone varnish listener on IPv6? or can/should it share an existing varnish instance, listening already on an IPv4, address, since, as I've been told, "neither ip_address or hostname are involved in determining cache keys"?

That's not hybrid

Posted by perusio on May 17, 2011 at 4:50pm
perusio's picture

that's separate. Hybrid is:

server {
   listen [::]:80;
   server_name myserver.domain.com;
   (...)
}

I can't help you with Varnish I'm afraid. Buth if the sockets are separated, i.e., ones for IPv6 and others for IPv4, then all software that uses them must be configured to reflect that. I suggest you search for examples of people deploying Varnish on FreeBSD with IPv6 support.

Note that in Linux to set that (separate sockets) you must configure it in the kernel.

Also note that if you have separate sockets for IPv6 and IPv4 then listen [::]:80 will bind only to a socket that accepts IPv6 traffic. The ipv6only=on parameter is for example for a situation where you have a port and/or address just for IPv6 and want it to accept only IPv6 traffic in a hybrid stack situation.

That needs to be corrected in the Wiki :(

Nginx

Group organizers

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds:

Hot content this week

See all hot content.