Configuring for IP V6: Difference between revisions

No edit summary
mNo edit summary
 
(6 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{ZC}}{{Article Infobox|{{admin}}|{{ZCS 7.0}}||}}
{{BC|Certified}}
__FORCETOC__
<div class="col-md-12 ibox-content">
=Zimbra Server with IPv6=
<hr>
{{KB|{{ZC}}|{{ZCS 10.0}}|{{ZCS 9.0}}|{{ZCS 8.8}}|}}  


''' THE CONTENTS OF THIS WIKI DO NOT APPLY TO ZCS 8.0 AND LATER'''
First install Zimbra using ipv4 only mode. You can check the current Zimbra IP mode by running the following command as the user`zimbra`:


''' SEE THE TOOL /opt/zimbra/libexec/zmiptool TO CORRECTLY CHANGE IP MODES.'''
<pre>zmprov gs `zmhostname` zimbraIPMode</pre>
Then verify if all entries required all present in <code>/etc/hosts</code> file. Here is an example:


=Zimbra Server with IPv6=
<pre>127.0.0.1                                      localhost.localdomain  localhost
:: 1                                            localhost.localdomain  localhost
10.0.0.181                                      mail3.zimbra.tech  mail3
2603:c020:400d:567e:aa22:ab12:1234:2a34        mail3.zimbra.tech mail3</pre>
'''''Please make sure the localhost entries are as above for both ip4 and ip6 on your system before continuing!'''''


As Internet Protocol version 4 is slowly being phased out, there is continued pressure to move to existing in either an IPv4/IPv6 mixed environment for an IPv6 only environment.  This article discusses how to configure Zimbra so that it can work with IPv6.  In the 7.0 release series, IPv6 support is limited, so special configuration is required.
In this example the server name is mail3.zimbra.tech, replace above example with your own domain name. For ip4 the server address for (mail3) your server can be the external IP or the LAN IP if you are in a NAT environment. For ip6 the server address for (mail3) your server should be the external IP in 99% of the cases.


= Configuring ZCS to work in an IPv6 environment =
<span id="_enable_zimbra_in_dual_stack_mode"></span>
= Enable Zimbra in dual stack mode =


Currently, only a few services support IPv6 in the Zimbra Suite.  To configure your Zimbra installation to allow IPv6, the following must be done.
Run the following command as the user <code>zimbra</code>:


A special "edge" node, i.e., a node on the public Internet with IPv6 enabled must be installed with the '''zimbra-proxy''' and '''zimbra-mta''' packages.  This edge node must have an IPv4 localhost definition of '''127.0.0.1''' in addition to the IPv6 host IP address and IPv6 localhost.  This edge node can also have IPv4 enabled for the public interface as well if running in a mixed mode is desired.
<pre>sudo su - zimbra
zmprov ms `zmhostname` zimbraIPMode both
/opt/zimbra/libexec/zmiptool</pre>
<code>zmiptool</code> can take a bit of time. If <code>zmiptool</code> does not return any error, restart the Zimbra using:


Once this edge node is installed, you can configure it to run in one of two ways:
<pre>zmcontrol restart</pre>
In case <code>zmiptool</code> does return errors, fix them before restarting Zimbra.


ipv6 - Only IPv6 address for the host
<span id="_update_zimbramailtrustedip"></span>
both - Use both IPv4 and IPv6 addresses for the host
= Update zimbraMailTrustedIP =


This is controlled via Server config key '''zimbraIPMode''' which can have the value of '''both''' for IPv4 and IPv6 operation or '''ipv6''' for IPv6 only operation on the edge node. It can be modified via zmprov.
After adding ip6 make sure to update the zimbraMailTrustedIP setting see: https://wiki.zimbra.com/wiki/Secopstips#Log_the_correct_origination_IP


The '''IPv6''' address range must also be added to the '''zimbraMtaMyNetworks''' setting for this server via zmprov. For example:
Enclose zimbraMailTrustedIP in square brackets (eg. [1a01:2300:1f1:3:0:0:ffa:123]) the ipv6 address getting enclosed in zimbraMailTrustedIP should be in long format divided into 8 parts separated by colon. (eg. 1a01:2300:1f1:3::ffa:123 should be written like [1a01:2300:1f1:3:0:0:ffa:123]). The IPv6 addresses can be copy/pasted directly from mailbox.log.


'''zmprov ms edge.example.com zimbraMtaMyNetworks "127.0.0.0/8 [::1]/128 x.x.x.x/x [xxxx:xxxx:xxxx::x]/x"'''
<span id="_gotchas"></span>
= Gotchas =


After these two steps are done, do a '''zmcontrol stop''' followed by a '''zmcontrol start'''.  The server will now be IPv6 enabled.
If you use DNSMASQ or any other DNS cache on the Zimbra system, you need to restart DNSMASQ after changing /etc/hosts file using:


{{Article_Footer|ZCS 7.0|12/5/2011}}
<pre>systemctl restart dnsmasq</pre>


[[Category:ZCS 7.0]]
{{Article Footer|ZCS 10.0, 9.0, 8.8|2023-06-20}}

Latest revision as of 05:18, 18 July 2023

Zimbra Server with IPv6


   KB 15404        Last updated on 2023-07-18  




0.00
(0 votes)

First install Zimbra using ipv4 only mode. You can check the current Zimbra IP mode by running the following command as the user`zimbra`:

zmprov gs `zmhostname` zimbraIPMode

Then verify if all entries required all present in /etc/hosts file. Here is an example:

127.0.0.1                                       localhost.localdomain   localhost
:: 1                                            localhost.localdomain   localhost
10.0.0.181                                      mail3.zimbra.tech   mail3
2603:c020:400d:567e:aa22:ab12:1234:2a34         mail3.zimbra.tech mail3

Please make sure the localhost entries are as above for both ip4 and ip6 on your system before continuing!

In this example the server name is mail3.zimbra.tech, replace above example with your own domain name. For ip4 the server address for (mail3) your server can be the external IP or the LAN IP if you are in a NAT environment. For ip6 the server address for (mail3) your server should be the external IP in 99% of the cases.

Enable Zimbra in dual stack mode

Run the following command as the user zimbra:

sudo su - zimbra
zmprov ms `zmhostname` zimbraIPMode both
/opt/zimbra/libexec/zmiptool

zmiptool can take a bit of time. If zmiptool does not return any error, restart the Zimbra using:

zmcontrol restart

In case zmiptool does return errors, fix them before restarting Zimbra.

Update zimbraMailTrustedIP

After adding ip6 make sure to update the zimbraMailTrustedIP setting see: https://wiki.zimbra.com/wiki/Secopstips#Log_the_correct_origination_IP

Enclose zimbraMailTrustedIP in square brackets (eg. [1a01:2300:1f1:3:0:0:ffa:123]) the ipv6 address getting enclosed in zimbraMailTrustedIP should be in long format divided into 8 parts separated by colon. (eg. 1a01:2300:1f1:3::ffa:123 should be written like [1a01:2300:1f1:3:0:0:ffa:123]). The IPv6 addresses can be copy/pasted directly from mailbox.log.

Gotchas

If you use DNSMASQ or any other DNS cache on the Zimbra system, you need to restart DNSMASQ after changing /etc/hosts file using:

systemctl restart dnsmasq
Verified Against: ZCS 10.0, 9.0, 8.8 Date Created: 2023-06-20
Article ID: https://wiki.zimbra.com/index.php?title=Configuring_for_IP_V6 Date Modified: 2023-07-18



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Jump to: navigation, search