Configuring for IP V6: Difference between revisions

No edit summary
mNo edit summary
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{ZC}}{{Article Infobox|{{admin}}|{{ZCS 7.0}}||}}=Zimbra Server with IPv6=
{{BC|Certified}}
__FORCETOC__
<div class="col-md-12 ibox-content">
=Zimbra Server with IPv6=
<hr>
{{KB|{{ZC}}|{{ZCS 10.0}}|{{ZCS 9.0}}|{{ZCS 8.8}}|}}  


As Internet Protocol version 4 is slowly being phased out, there is continued pressure to move to existing in either an IPv4/IPv6 mixed environment for an IPv6 only environment. This article discusses how to configure Zimbra so that it can work with IPv6.  In the 7.0 release series, IPv6 support is limited, so special configuration is required.
First install Zimbra using ipv4 only mode. You can check the current Zimbra IP mode by running the following command as the user`zimbra`:


= Configuring ZCS to work in an IPv6 environment =
<pre>zmprov gs `zmhostname` zimbraIPMode</pre>
Then verify if all entries required all present in <code>/etc/hosts</code> file. Here is an example:


Currently, only a few services support IPv6 in the Zimbra Suite.  To configure your Zimbra installation to allow IPv6, the following must be done.
<pre>127.0.0.1                                      localhost.localdomain  localhost
:: 1                                            localhost.localdomain  localhost
10.0.0.181                                      mail3.zimbra.tech  mail3
2603:c020:400d:567e:aa22:ab12:1234:2a34        mail3.zimbra.tech mail3</pre>
'''''Please make sure the localhost entries are as above for both ip4 and ip6 on your system before continuing!'''''


A special "edge" node, i.e., a node on the public Internet with IPv6 enabled must be installed with the '''zimbra-proxy''' and '''zimbra-mta''' packages. This edge node must have an IPv4 localhost definition of '''127.0.0.1''' in addition to the IPv6 host IP address and IPv6 localhost.  This edge node can also have IPv4 enabled for the public interface as well if running in a mixed mode is desired.
In this example the server name is mail3.zimbra.tech, replace above example with your own domain name. For ip4 the server address for (mail3) your server can be the external IP or the LAN IP if you are in a NAT environment. For ip6 the server address for (mail3) your server should be the external IP in 99% of the cases.


Once this edge node is installed, you can configure it to run in one of two ways:
<span id="_enable_zimbra_in_dual_stack_mode"></span>
= Enable Zimbra in dual stack mode =


ipv6 - Only IPv6 address for the host
Run the following command as the user <code>zimbra</code>:
both - Use both IPv4 and IPv6 addresses for the host


This is controlled via zmlocalconfig key '''zimbraIPMode''' which can have the value of '''both''' for IPv4 and IPv6 operation or '''ipv6''' for IPv6 only operation on the edge node.
<pre>sudo su - zimbra
zmprov ms `zmhostname` zimbraIPMode both
/opt/zimbra/libexec/zmiptool</pre>
<code>zmiptool</code> can take a bit of time. If <code>zmiptool</code> does not return any error, restart the Zimbra using:


The '''IPv6''' address range must also be added to the '''zimbraMtaMyNetworks''' setting for this server via zmprov. For example:
<pre>zmcontrol restart</pre>
In case <code>zmiptool</code> does return errors, fix them before restarting Zimbra.


'''zmprov ms edge.example.com zimbraMtaMyNetworks "127.0.0.0/8 [::1]/128 x.x.x.x/x [xxxx:xxxx:xxxx::x]/x"'''
<span id="_update_zimbramailtrustedip"></span>
= Update zimbraMailTrustedIP =


After these two steps are done, do a '''zmcontrol stop''' followed by a '''zmcontrol start'''. The server will now be IPv6 enabled.
After adding ip6 make sure to update the zimbraMailTrustedIP setting see: https://wiki.zimbra.com/wiki/Secopstips#Log_the_correct_origination_IP


{{Article_Footer|ZCS 7.0|12/5/2011}}
Enclose zimbraMailTrustedIP in square brackets (eg. [1a01:2300:1f1:3:0:0:ffa:123]) the ipv6 address getting enclosed in zimbraMailTrustedIP should be in long format divided into 8 parts separated by colon. (eg. 1a01:2300:1f1:3::ffa:123 should be written like [1a01:2300:1f1:3:0:0:ffa:123]). The IPv6 addresses can be copy/pasted directly from mailbox.log.


[[Category:ZCS 7.0]]
<span id="_gotchas"></span>
= Gotchas =
 
If you use DNSMASQ or any other DNS cache on the Zimbra system, you need to restart DNSMASQ after changing /etc/hosts file using:
 
<pre>systemctl restart dnsmasq</pre>
 
{{Article Footer|ZCS 10.0, 9.0, 8.8|2023-06-20}}

Latest revision as of 05:18, 18 July 2023

  1. Zimbra Tech Center
  2. Certified
  3. Configuring for IP V6

Zimbra Server with IPv6

   KB 15404        Last updated on 2023-07-18  




0.00
(0 votes)

First install Zimbra using ipv4 only mode. You can check the current Zimbra IP mode by running the following command as the user`zimbra`: 

zmprov gs `zmhostname` zimbraIPMode

Then verify if all entries required all present in /etc/hosts file. Here is an example: 

127.0.0.1                                       localhost.localdomain   localhost
:: 1                                            localhost.localdomain   localhost
10.0.0.181                                      mail3.zimbra.tech   mail3
2603:c020:400d:567e:aa22:ab12:1234:2a34         mail3.zimbra.tech mail3

Please make sure the localhost entries are as above for both ip4 and ip6 on your system before continuing!

In this example the server name is mail3.zimbra.tech, replace above example with your own domain name. For ip4 the server address for (mail3) your server can be the external IP or the LAN IP if you are in a NAT environment. For ip6 the server address for (mail3) your server should be the external IP in 99% of the cases.

Enable Zimbra in dual stack mode

Run the following command as the user zimbra: 

sudo su - zimbra
zmprov ms `zmhostname` zimbraIPMode both
/opt/zimbra/libexec/zmiptool

zmiptool can take a bit of time. If zmiptool does not return any error, restart the Zimbra using: 

zmcontrol restart

In case zmiptool does return errors, fix them before restarting Zimbra.

Update zimbraMailTrustedIP

After adding ip6 make sure to update the zimbraMailTrustedIP setting see: https://wiki.zimbra.com/wiki/Secopstips#Log_the_correct_origination_IP

Enclose zimbraMailTrustedIP in square brackets (eg. [1a01:2300:1f1:3:0:0:ffa:123]) the ipv6 address getting enclosed in zimbraMailTrustedIP should be in long format divided into 8 parts separated by colon. (eg. 1a01:2300:1f1:3::ffa:123 should be written like [1a01:2300:1f1:3:0:0:ffa:123]). The IPv6 addresses can be copy/pasted directly from mailbox.log.

Gotchas

If you use DNSMASQ or any other DNS cache on the Zimbra system, you need to restart DNSMASQ after changing /etc/hosts file using: 

systemctl restart dnsmasq
Verified Against: ZCS 10.0, 9.0, 8.8 Date Created: 2023-06-20
Article ID: https://wiki.zimbra.com/index.php?title=Configuring_for_IP_V6 Date Modified: 2023-07-18



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Other help Resources

User Help Page »
Official Forums »
Zimbra Documentation Page »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Retrieved from "http://wiki.zimbra.com/index.php?title=Configuring_for_IP_V6&oldid=69904"
Jump to: navigation, search