Blackdot.be

Due to popular demand (I got 1 e-mail, but hey they’ve been gone for a few days).

I’ve added some of the old Apache HTTPd 64-bit binaries to the download page under archive.
Please use them with care. It is possible I’ll redo the compile tutorial at some point but I currently don’t have access to a compiler.

Enjoy!

Some of you may have noticed, but most probably haven’t. All my important public facing services are now IPv6 ready!

• DNS (caveat only my primary ns server is IPv6 ready – including glue)
• HTTP(s) (This website and webmail are available over IPv6)
• SSH
• SSL VPN
• IMAP
• SMTP (This was my main motivation to move to Zimbra)

Congratulations, your mail system is IPv6 enabled!

Below comes info about the email that triggered this reply.

Your email was received at: Mon Jun 25 17:57:43 EDT 2012

But are you ready? You can check using test-ipv6.com.

Unfortunately the 2 biggest ISP’s in Belgium don’t offer native IPv6. You can however get a tunnel and a routed /64 subnet for free from many tunnel brokers. I’m a very happy user of SIXXS, check them out if you need a tunnel!

Getting an IPv6 address for your computer is just the first step, e-mail is still a big hassle to get right.
Simply send an e-mail to bouncer <at> freenet6.net if you get a reply, you are in luck!

So get your act together, get ready! The day will come.
Some more information can be found here: World IPv6 Launch and wikipedia.

But what about the place you visit? Are they ready?
There is this neat little FireFox plugin called 4or6, start asking all your favorite non IPv6 ready websites to get there gears moving and get ready!

I recently came upon a IETF draft that was published a few weeks ago.

451 Unavailable For Legal Reasons

This status code indicates that the server is subject to legal
restrictions which prevent it servicing the request.

Since such restrictions typically apply to all operators in a legal
jurisdiction, the server in question may or may not be an origin
server.  The restrictions typically most directly affect the
operations of ISPs and search engines.

Responses using this status code SHOULD include an explanation, in
the response body, of the details of the legal restriction; which
legal authority is imposing it, and what class of resources it
applies to.

I think this a great idea, this supports the open concept of the internet. Although it should never have to be used 🙁

I found myself facing a strange issue while moving from my simple all-in-one VPS server to a more roomy Kimsufi 16G running ESXi 5.0.

I only have one IPv4 address so I am using Sophos UTM 9’s Web Application Firewall to spread out some sites to different backend servers.
This is working fine, I did have to switch to basic protection for Zimbra Webmail but that’s really a non-issue.

However during the IPv6 push I made yesterday, Zimbra Webmail went FUBAR in Firefox. Worked fine in Chrome and Safari.
After about 3 hours of troubleshooting were I went over all the possibilities (Maybe Firefox mixed IPv4 and IPv6 requests, …).
I tried disabling IPv6 on my local UTM. Firefox worked again :S disabling IPv4 and forcing IPv6 was broken.

Now satisfied it was not a Firefox issue, I zoned in on the reverse proxy. Because I run Z-Push I can’t use Zimbra’s Webmail directly.
After first simplifying my setup and forcing Zimbra to only serve on [::1]:8080 and reworking my reverse proxy and z-push configs I was confident nothing on the Zimbra end went wrong.

After some more time troubleshooting I noticed that the RP wasn’t properly setting the encoding and content-type for some strange .js.zgz files Zimbra was returning. The WAF in Sophos UTM 9 didn’t have this issue. After figuring out it was indeed a deflated javascript file I added the following to my reverse proxy vhost.

# Zimbra Webmail enconding hotfix
AddEncoding x-gzip .js.zgz
AddType application/gzip .js.zgz

Restarted HTTPD and… nothing! I then cleared the Firefox cache and bingo! It is working again.

Hopefully this is useful for some of you out there!

We are back!

Sort of, I’m still migration from a single VPS to a set of VM’s.
This brings with it a new set of problems related to proxying and things breaking because of this.
Going full out IPv6 has not made it easy, there are a lot of strange things with IPv6 and Zimbra.

So here is some good and some bad news.

1. I will be updating the site more often.
2. It will still mainly focus on IT related things (Linux,Solaris,Apache,…).
3. Most of the old content won’t return.
4. I will not be releasing newer version of Apache x64 binaries for the 2.2 or 2.4 branches.

What exactly this will now evolve into, I can’t say for 100% as of now.
As you have noticed I switched to WordPress, my old own software was way out of date and I can’t invest the effort in updating it.
You will also have noticed I’m use one of the available themes. I like this one. But I will create my own after all other things are fixed and migration.
For now this will do.

Progress Update:

• 20120625: Website is online
• 20120625: Durpal, Joomla and WordPress tested
• 20120625: Webserver 100% done
• 20120624: IPv6 rollout
• 20120624: Z-Push Configuration OK
• 20120623: WebApplication firewall OK
• 20120623: Webserver 80% done
• 20120623: MX Migration OK
• 20120622: MX Migration started
• 20120622: Basic VM for new webserver online
• 20120622: Mail, contact and calendar migration OK
• 20120622: DNS Migration OK
• 20120621: DNS Migration started + Setup of Zimbra Open Source Edition
• 20120620: new VPS online

So please bear with me while I sort out all remaining problems and figure out how to best make use of this website.