Being IPv6 world launch day[1], I thought I would share some quick config file lines that seemed to have taken an inordinate amount of time to arrive at. I'm on debian 6, which is important because from searching one can see that behavior moderately platform dependent, and documentation is in some cases flat wrong.
Anyway for xinetd this is what I now have for /etc/xinetd.d/www service www { flags = IPv4 socket_type = stream wait = no user = root server = /usr/local/bin/althttpd server_args = -logfile althttpd.log -root /var/repositories -user www-data } service www { bind = 2600:3c02::f03c:91ff:fedf:a5ba flags = IPv6 socket_type = stream wait = no user = root server = /usr/local/bin/althttpd server_args = -logfile althttpd.log -root /var/repositories -user www-data } So yes it takes 2 entries. The magic logic is that ipv4 bind-all 0.0.0.0 "sometimes" conflicts with the ipv6 bind-all, causing bind() to fail with address already in use (even though that is not exactly the case) - unless one or both of the listings explicitly specifies a bind address. In the above example, the ipv4 socket is bind-all and the ipv6 socket is bound the "global" ipv6 address. Now for stunnel: [https] accept = atlanta1.stoverenterprises.com:443 TIMEOUTclose = 0 exec = /usr/local/bin/althttpd execargs = /usr/local/bin/althttpd -logfile althttpd.log -root /var/repositories -user www-data -https 1 [httpsv4] accept = 66.228.62.210:443 TIMEOUTclose = 0 exec = /usr/local/bin/althttpd execargs = /usr/local/bin/althttpd -logfile althttpd.log -root /var/repositories -user www-data -https 1 Again two entries required. The [section names] have nothing to do with entries in /etc/services like xinetd, and are just labels. They must be unique though. Similar kong fu as above, exept for extra fun stunnel wont parse ipv6 address. It will however resolve names in /etc/hosts. Now I still can't say why, but if you put the ipv6 entry first - then at least on this platform you get a socket bound just to that ipv6 address for the host name. Then just put the ipv4 next, and don't use the bind-all address. The stunnel docs are more vague since the ipv6 example it shows is for a port forward, not a exec handler. So in conclusion, for those you on linode and other hosting providers & ISPs with ipv6 - add those AAAA DNS records and tweak those config files! [1]http://www.google.com/url?sa=t&rct=j&q=ipv6%20launch%20day&source=web&cd=1&ved=0CF4QFjAA&url=http%3A%2F%2Fwww.worldipv6launch.org%2F&ei=56XPT-fkFerb0QHMo-GQCA&usg=AFQjCNHpsDXQ-_c7lT6obm2BA8QMYdbocQ&cad=rja -- www.thomasstover.com _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users