Bug#533604: Doesn't bind to IPv6 addresses by default

Sat, 27 Feb 2010 08:47:19 -0800 

Stefan Bauer schrieb:
> Sounds logical, i just cant confirm this thesis:

Ah sorry, I didn't realise that you couldn't confirm the bug report. I
thought we were only discussing the best possible solution.

> black:/home/sb# cat /proc/sys/net/ipv6/bindv6only
> 0
> 
> black:/home/sb# ps aux |grep oidentd
> oident   19815  0.0  0.0  12236   620 ?        Ss   09:10   0:00
> /usr/sbin/oidentd -mf -P 80.82.223.1 -u oident -g oident
> 
> So bindv6only is disabled and oidentd has not been started with any
> option passed to -a
> 
> black:/home/sb# telnet -6 red.cubewerk.de 113
> Trying 2a01:198:200:350::2...
> Connected to cl-849.dus-01.de.sixxs.net.
> Escape character is '^]'.
> 
> 
> C:\Documents and Settings\Administrator>telnet red.cubewerk.de 113
> 
> 
> oidentd log stanza:
> 
> Feb 25 22:58:08 black oidentd[28955]: Connection from
> cl-849.dus-01.de.sixxs.net (2a01:198:200:350::2):60665
> 
> As well as ... at almost the same time:
> 
> Feb 25 22:58:37 black oidentd[28956]: Connection from
> p5B0820FE.dip0.t-ipconnect.de (91.8.32.254):0
> 
> We have 2 requests on ipv4 and ipv6 at the same time. Oidentd
> handles both at the same time.

Does your oidentd possibly only have a single IPv6 socket? That would
explain why everything appears to work for you...

oidentd uses getaddrinfo() to determine what sockets to open for
listening. On the systems I checked, getaddrinfo() returns the IPv4
address first and IPv6 address second:

  $ python -c "import socket; print socket.getaddrinfo(None, 'auth',
  0, socket.SOCK_STREAM, 0, socket.AI_PASSIVE)"
  [(2, 1, 6, '', ('0.0.0.0', 113)), (10, 1, 6, '', ('::', 113, 0, 0))]
                   ^^^^^^^                           ^^
                   IPv4                              IPv6

With a few tweaks to /etc/gai.conf I managed to change the order:

  $ python -c "import socket; print socket.getaddrinfo(None, 'auth',
  0, socket.SOCK_STREAM, 0, socket.AI_PASSIVE)"
  [(10, 1, 6, '', ('::', 113, 0, 0)), (2, 1, 6, '', ('0.0.0.0', 113))]
                    ^^                                ^^^^^^^
                   IPv6                              IPv4

With the tweak in effect, oidentd worked without my patch - using only a
single IPv6 socket which accepted both IPv4 and IPv6. (This would break
for /proc/sys/net/ipv6/bindv6only=1.)

>> In any case, this bug should probably be fixed upstream, so you might
>> want to forward it to Ryan (in case he's still the active upstream?). Or
>> if you'd like, I could forward my patch to him myself.
> 
> I tried to get in contact with upstream but had no luck.

Oh, I see.

Have a nice week-end
  Fabian



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to