Hi, somewhen before 2.4 we lost "printing of port numbers on v6 addresses" - we used to dumbly print v6addr:port, leading to
2001:db8::123:1194
which is less than clear on "is this a v6 address plus port 1194" or
"just a longer v6 address". Now we just print 2001:db8::123 in things
like the log line prefix, with no port indication.
"The Internet" says there are two widely used conventions:
- One is "the URI format as per rfc3986", which would make this
[2001:db8::123]:1194
which is "IPv6 literal addresses are always enclosed in square brackets",
and if the port is printed, it's tacked on with ":port".
- the other one is "what tcpdump and others do", tacking the port onto
the v6 address with ".", so this would become:
2001:db8::123.1194
also unambiguous (even in the v4-compatible 2001:db8::1.2.3.4.1194
form), though possibly confusing. This is what RFC5952 has to offer
(plus "2001:db8::1 port 80" and "2001:db8::1p80" and "#80") - see
https://tools.ietf.org/html/rfc5952#section-6
I find most of these forms ugly, but I want to "repair" this issue - not
the least because our management interface has "kill client by IP+Port",
which is currently broken because we do not print the port number at
all... (it might still be broken due to the way it works internally,
but that's a new can of worms).
See also https://community.openvpn.net/openvpn/ticket/664 for more
background.
Opinions?
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
