On March 28th, 2018 at approximately 1:30 pm CST the server housing the cPanel Feature Request site’s hypervisor unexpectedly failed.
This failure resulted in the loss of data back to September of 2017. Read more in our announcement.
 

Enable IPv6 by default on account creation

James Tandy shared this idea 2 years ago
Open Discussion

As a web hosting provider (including non-root resellers), I would like the option to have IPv6 enabled when new accounts are created.

Comments (4)

photo
1

Should work like ipv4 adress delegation.

i dont need a seperate ipv6 per customer, they can all be on one shared ipv6 and if i decide to give the package a separate ipv6 then i will do it manually, or via api or something else. like the ipv4 actual behavior.

The reason for this is, e.g. blacklists tends to block /64 subnets. If one (1) ! ip sends spam from a hacked account, the server subnet is blocked mostly completly. Why should i do the work and set every customer an ipv6?

photo
1

You can not prevent spam blacklist with multiple IP's but there are lot of other abuses that single IP per account can solve. For example DDoS attack on network layer. You will know exactly which account is under attack, and it can help to isolate client, null route just single IP, etc.

I think that cPanel should auto assign (optionally) separate IPv6 address per account, even when the server have shared IPv4 or if it does not have, than only IPv6 should be assigned, but it really should be a separate IPv6 address per account.

photo
1

Martin +1 ;-)


the shared ipv4 adres is de default for new vhosts.

please add the ipv6 shared adres also. please.... Now it's all manual work. can we "cron" this job ??

photo
photo
1

Hi.


We run a clean ship and are quick to respond to abuse reports and feedback loops; also we monitor our mail logs for abnormal behaviour yet every once in a while we still get blacklisted (delisting does not take long, fortunately) which in some cases causes trouble for our customers.


With IPv6 it is easier to minimalize the impact accounts have on each other if one gets blacklisted - it should not affect another. While industry practices are not very well defined yet but it is likely to assume that DNSBLs would prefer to block a /64 instead of a /48. Therefore ideally each server would be assigned a /48 or a /56 and every account its own /64.


Spamhaus has already stated that they have no intention of blocking any netblock smaller than /64: https://www.spamhaus.org/organization/statement/012/spamhaus-ipv6-blocklists-strategy-statement


Since not every company has the luxury of having a /48 or a /56 per server, this should probably be optional but nonetheless preferable due to the other benefits (like mentioned above, dealing with abuse [DDoS, and such]).