Postfix: IPv6
Sumber: http://www.postfix.org/IPV6_README.html
Introduction
Postfix 2.2 introduces support for the IPv6 (IP version 6) protocol. IPv6 support for older Postfix versions was available as an add-on patch. The section "Compatibility with Postfix <2.2 IPv6 support" below discusses the differences between these implementations.
The main feature of interest is that IPv6 uses 128-bit IP addresses instead of the 32-bit addresses used by IPv4. It can therefore accommodate a much larger number of hosts and networks without ugly kluges such as NAT. A side benefit of the much larger address space is that it makes random network scanning impractical.
Postfix uses the same SMTP protocol over IPv6 as it already uses over the older IPv4 network, and does AAAA record lookups in the DNS in addition to the older A records. Information about IPv6 can be found at http://www.ipv6.org/.
This document provides information on the following topics:
Supported platforms Configuration Known limitations Compatibility with Postfix <2.2 IPv6 support IPv6 Support for unsupported platforms Credits
Supported Platforms
Postfix version 2.2 supports IPv4 and IPv6 on the following platforms:
AIX 5.1+ Darwin 7.3+ FreeBSD 4+ Linux 2.4+ NetBSD 1.5+ OpenBSD 2+ Solaris 8+ Tru64Unix V5.1+
On other platforms Postfix will simply use IPv4 as it has always done.
See below for tips how to port Postfix IPv6 support to other environments. Configuration
Postfix IPv6 support introduces two new main.cf configuration parameters, and introduces an important change in address syntax notation in match lists such as mynetworks or debug_peer_list.
Postfix IPv6 address syntax is a little tricky, because there are a few places where you must enclose an IPv6 address inside "[]" characters, and a few places where you must not. It is a good idea to use "[]" only in the few places where you have to. Check out the postconf(5) manual whenever you do IPv6 related configuration work with Postfix.
Instead of hard-coding 127.0.0.1 and ::1 loopback addresses in master.cf, specify "inet_interfaces = loopback-only" in main.cf. This way you can use the same master.cf file regardless of whether or not Postfix will run on an IPv6-enabled system.
The first new parameter is called inet_protocols. This specifies what protocols Postfix will use when it makes or accepts network connections, and also controls what DNS lookups Postfix will use when it makes network connections.
/etc/postfix/main.cf:
# You must stop/start Postfix after changing this parameter.
inet_protocols = ipv4 (DEFAULT: enable IPv4 only)
inet_protocols = all (enable IPv4, and IPv6 if supported)
inet_protocols = ipv4, ipv6 (enable both IPv4 and IPv6)
inet_protocols = ipv6 (enable IPv6 only)
By default, Postfix uses IPv4 only, because most systems aren't attached to an IPv6 network.
On systems with combined IPv4/IPv6 stacks, attempts to deliver mail via IPv6 would always fail with "network unreachable", and those attempts would only slow down Postfix.
Linux kernels don't even load IPv6 protocol support by default. Any attempt to use it would fail immediately.
Note 1: you must stop and start Postfix after changing the inet_protocols configuration parameter.
Note 2: if you see error messages like the following, then you're running Linux and need to turn on IPv6 in the kernel: see http://www.ipv6.org/ for hints and tips. Unlike other systems, Linux does not have a combined stack for IPv4 and IPv6, and IPv6 protocol support is not loaded by default.
postconf: warning: inet_protocols: IPv6 support is disabled: Address family not supported by protocol
postconf: warning: inet_protocols: configuring for IPv4 support only
Note 3: on older Linux and Solaris systems, the setting "inet_protocols = ipv6" will not prevent Postfix from accepting IPv4 connections. Postfix will present the client IP addresses in IPv6 format, though. In all other cases, Postfix always presents IPv4 client IP addresses in the traditional dotted quad IPv4 format.
The other new parameter is smtp_bind_address6. This sets the local interface address for outgoing IPv6 SMTP connections, just like the smtp_bind_address parameter does for IPv4:
/etc/postfix/main.cf:
smtp_bind_address6 = 2001:240:587:0:250:56ff:fe89:1
If you left the value of the mynetworks parameter at its default (i.e. no mynetworks setting in main.cf) Postfix will figure out by itself what its network addresses are. This is what a typical setting looks like:
% postconf mynetworks
mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [fe80::]/10 [2001:240:587::]/64
If you did specify the mynetworks parameter value in main.cf, you need update the mynetworks value to include the IPv6 networks the system is in. Be sure to specify IPv6 address information inside "[]", like this:
/etc/postfix/main.cf:
mynetworks = ...IPv4 networks... [::1]/128 [2001:240:587::]/64 ...
NOTE: when configuring Postfix match lists such as mynetworks or debug_peer_list, you must specify IPv6 address information inside "[]" in the main.cf parameter value and in files specified with a "/file/name" pattern. IPv6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern.