Hi list, I'm trying to set up Bacula to use my IPv6 network to get around the problem that for some of my backup clients over IPv4, the storage daemon is behind NAT.
On all of the hosts involved, I've set up the daemons to only listen on IPv6 addresses with the exception of the director which could still service requests to/from local IPv4 clients, and all of the config for connections to any of the other daemons use the hostname for the "Address =" parameter as I'm also using TLS with the commonName of the certificate matching the hostname of the server. I have DNS records set up correctly such that "ping hostname" and "ping6 hostname" both work as expected from all of the hosts involved. The problem I have is, Bacula seems to always resolve and use the IPv4 address of the host before the IPv6 address. On the host running the director daemon, I am also running one of the DNS servers authoritative for the domain of these hosts, so I can see the DNS queries being made, and I only see queries for 'A' records and no 'AAAA' records. So for example, if I run bconsole and try "status client" and pick one of the clients only accessible over IPv6, it tries and fails to connect to the remote file daemon over IPv4. I wrote a small test program that uses the getaddrinfo(3) library call to return all of the addresses for a given hostname and when run on the host running the director daemon with the hostname of one of the remote hosts, it does what I expect and returns the IPv6 address first, followed by the IPv4 address. This is also true when run on any of the hosts involved. I can't find any reference to a standard that requires that IPv6 addresses should be returned before IPv4 ones, but every bit of software that is both IPv6 and IPv4 capable always seems to use the IPv6 address first. Is there a way to force Bacula to prefer IPv6 addresses or would this be considered a bug in the DNS resolving code? I had a look in the source (src/lib/bnet.c, right?) but it looks a bit more complicated than just calling one the C library calls and relying on the order from that, I'm not familiar enough with it (yet) to understand what's going on. At first glance it looks like in some cases the code fetches all of the IPv4 addresses followed by the IPv6 address, or only tries IPv6 resolution if IPv4 fails. Any ideas? Matt ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
