I am proposing to set net.ipv6.bindv6only=1 by default for new installations, to simplify configuration and administration of systems using IPv6 and to make the system behaviour match the one of all other operating systems, which default to this or just do not provide a choice.
When net.ipv6.bindv6only is set to 0, an application binding an AF_INET6 listening socket to "any" will receive on the same socket IPv4 connections as well, with the endpoint addresses converted in the form ::ffff:1.2.3.4[1]. When net.ipv6.bindv6only is set to 1, an application binding an AF_INET6 listening socket to "any" will only receive IPv6 connection and will need to create an AF_INET listening socket to receive IPv4 connections. Applications can change the behaviour for their sockets using setsockopt and the IPV6_V6ONLY option[2], and many already do this to prevent the need of adjusting their configuration depending on how the system is configured. More information is also available in[3]. While net.ipv6.bindv6only=0 is useful for daemons which are not designed to listen on multiple sockets, it is annoying because it requires dealing with IPv4-mapped addresses in logs and configuration files unless the program takes care to convert them to IPv4 addresses. I propose that netbase will create on new installations a file in /etc/sysctl.d/ containing net.ipv6.bindv6only=1. [1] http://en.wikipedia.org/wiki/IPv6#IPv4_mapped_addresses [2] http://tools.ietf.org/html/rfc3493#section-5.3 [3] http://books.google.com/books?id=UuIqKlWVaKcC&lpg=PA118&ots=2XZWUqI0au&pg=PA118#v=onepage -- ciao, Marco
signature.asc
Description: Digital signature
