Lighttpd: Enable IPv6 Support

Lighttpd supports both IPv6 and IPv4 protocol out of box. You need to compile lighttpd with IPv6 support. The server.use-ipv6 option bind to the IPv6 socket. You need to bind to both IPv6 and IPv4 using the following syntax.

First, see compile-time features (find out if IPv6 is enabled or not), enter:
# lighttpd -V
Sample output:

Build-Date: Sep 30 2008 06:18:08

Event Handlers:

	+ select (generic)
	+ poll (Unix)
	+ rt-signals (Linux 2.4+)
	+ epoll (Linux 2.6)
	- /dev/poll (Solaris)
	- kqueue (FreeBSD)

Network handler:

	+ sendfile

Features:

	+ IPv6 support
	+ zlib support
	+ bzip2 support
	+ crypt support
	+ SSL Support
	+ PCRE support
	- mySQL support
	- LDAP support
	- memcached support
	- FAM support
	- LUA support
	- xml support
	- SQLite support
	- GDBM support

You must see + IPv6 support enabled. If not recompile lighttpd with IPv6 support. Once compiled open lighttpd.conf file:
# vi lighttpd.conf
To enable IPV6 and IPV4 together, enter:

server.use-ipv6 = "enable"
server.port = 80
$SERVER["socket"] == "0.0.0.0:80" {
# add your stuff
#
}

Save and close the file. Restart lighttpd:
# service lighttpd restart

Above config is only useful if you want to use all available IPv4 and IPv6 address. Following configuration will bind IPv4 to 202.54.1.10 and IPv6 to address:
Open lighttpd.conf setup main server IP address as follows:

server.port = 80
server.bind = "202.54.1.10"

Below that add IPv6 config as follows:

$SERVER["socket"] == "[2001:470:1f04:55a::2]:80" {
   # ...
   # your rest of config for ipv6 host
   # ...
}

Here is my sample config file with IPv4 and IPv6 dual stack enabled:

server.modules              = (
                               "mod_redirect",
                               "mod_alias",
                               "mod_rewrite",
                               "mod_expire",
                               "mod_access",
                               "mod_auth",
                               "mod_status",
                               "mod_fastcgi",
                               "mod_accesslog",
                               "mod_compress"
)
 
server.errorlog            = "/var/log/lighttpd/error.log"
accesslog.filename         = "/var/log/lighttpd/access.log"
index-file.names            = ( "index.php", "index.html", "index.htm", "default.htm" )
server.tag                 = "lighttpd"
 
# FastCGI php5
fastcgi.map-extensions = ( ".html" => ".php" )
fastcgi.server    = ( ".php" =>
        ((
                "bin-path" => "/usr/bin/php-cgi",
                "socket" => "/tmp/php-cgi.socket",
                "max-procs" => 4,
                "idle-timeout" => 30,
                "bin-environment" => (
                        "PHP_FCGI_CHILDREN" => "10",
                        "PHP_FCGI_MAX_REQUESTS" => "20000"
                ),
                "bin-copy-environment" => (
                        "PATH", "SHELL", "USER"
                ),
                "broken-scriptfilename" => "enable"
        ))
)
 
include "mimetype.conf"
 
server.document-root = "/home/lighttpd/example.com/http"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "lighttpd"
server.groupname = "lighttpd"
 
# Turn on IPv4 config
server.port = 80
server.bind = "202.54.1.10"
 
server.error-handler-404 = "/index.php?error=404"
 
### IPv6 Config ###
# Note only log file name changed
$SERVER["socket"] == "[2607:f0d0:1002:11::5]:80" {
	accesslog.filename         = "/var/log/lighttpd/ipv6.access.log"
	server.document-root = "/home/lighttpd/example.com/http"
	server.error-handler-404 = "/index.php?error=404"
}

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

4 comment

(network.c.300) can’t bind to port: 0.0.0.0 80 Address already in use
failed!

I seem to have problems enabling SSL if I use IPv6 and IPv4 at the same time… Dunno why…

Solution that works for me:

$SERVER["socket"] == "[ipv6 address]:443" {
                  ssl.engine                  = "enable"
                  ssl.pemfile                 = "/etc/ssl/private/cert.pem"
                  ssl.ca-file                 = "/etc/ssl/certs/ca.pem"
}
$SERVER["socket"] == "ipv4 address:443" {
                  ssl.engine                  = "enable"
                  ssl.pemfile                 = "/etc/ssl/private/cert.pem"
                  ssl.ca-file                 = "/etc/ssl/certs/ca.pem"
}
$SERVER["socket"] == "localhost:443" {
                  ssl.engine                  = "enable"
                  ssl.pemfile                 = "/etc/ssl/private/cert.pem"
                  ssl.ca-file                 = "/etc/ssl/certs/ca.pem"
}

Solution for both IPv4 and IPv6 + SSL:

### Enable IPV6 and IPV4 together
server.use-ipv6                 = "enable"
server.port                     = 80
server.document-root            = "/usr/local/www"
accesslog.filename              = "/var/log/lighttpd/access.log"
server.errorlog                 = "/var/log/lighttpd/error.log"

$SERVER["socket"]               == "[::]:443" {
        server.document-root    = "/usr/local/www"
        accesslog.filename      = "/var/log/lighttpd/access.log"
        server.errorlog         = "/var/log/lighttpd/error.log"
        ssl.engine              = "enable"
        ssl.pemfile             = "/usr/local/etc/openssl/certs/server/server.pem"
        ssl.ca-file             = "/usr/local/etc/openssl/certs/CA/cacert.pem"
}

output from sockstat -l (where the server is listening):

www      lighttpd   29570 4  tcp46  *:80                  *:*
www      lighttpd   29570 5  tcp46  *:443                 *:*

Posted by: Vivek Gite

Share this on (or read 4 comments/add one below):

4 comment