Phil Pennock:
2. bind a socket per address family, ensure the address families remain
distinct, let people run with defaults, of 0.0.0.0 and ::.
[...]
IMO, SKS should either set v6only on the accepting sockets explicitly
I have just submitted a pull request for this. Please have a look at
Hi Daniel and Phil,
maybe you should suggest adding the IPv4 compatibility DNS record (i.e.,
*sks-peer :::94.142.241.93*) to the administrator of
sks-peer.spodhuis.org.
To see if that'll work out, try adding an equivalent record to your
/etc/hosts temporarily.
Just my two cents,
Karl
Daniel Kahn Gillmor writes:
But it seems like there are two approaches that could
be taken to fix it, and only one of them ought to rely on IPV6_V6ONLY:
a) sks could set IPV6_V6ONLY on all listening sockets, and require the
administrators to explicitly list IPv4 addresses differently from
On 12/03/2013 06:11 AM, Karl Schmitz wrote:
maybe you should suggest adding the IPv4 compatibility DNS record (i.e.,
*sks-peer :::94.142.241.93*) to the administrator of
sks-peer.spodhuis.org.
To see if that'll work out, try adding an equivalent record to your
/etc/hosts
On 12/03/2013 11:41 AM, Kim Minh Kaplan wrote:
But this *is* the approach that SKS uses, except that it does not have
to set IPV6_V6ONLY. Like I wrote in a previous answer, SKS requires the
administrator to list all addresses, IPv4 and IPv6. As an alternative you
can use the hostname. But I do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 12/03/2013 06:08 PM, Daniel Kahn Gillmor wrote:
On 12/03/2013 11:41 AM, Kim Minh Kaplan wrote:
But this *is* the approach that SKS uses, except that it does not
have to set IPV6_V6ONLY. Like I wrote in a previous answer, SKS
requires the
On 2013-12-02 at 01:30 -0500, Daniel Kahn Gillmor wrote:
On 11/27/2013 04:30 PM, Phil Pennock wrote:
If you're free to do so on this box, you can change the global state
with the `net.ipv6.bindv6only` sysctl; set it to 1 from 0.
hm, this seems like it would have cascading effects over
On 12/03/2013 12:34 PM, Phil Pennock wrote:
IMO, SKS should either set v6only on the accepting sockets explicitly,
or remove the defaults and treat :: and 0.0.0.0 as a configuration
error, since the status quo uses inconsistent logic to defend its
stance.
I like these suggestions. Thanks for
Daniel Kahn Gillmor wrote:
On 11/27/2013 04:30 PM, Phil Pennock wrote:
On 2013-11-27 at 12:57 -0500, Daniel Kahn Gillmor wrote:
i'm running sks 1.1.4 on Debian GNU/Linux, wheezy, amd64 (x86_64)
platform.
I see the following situation in the logs of the recon process (this is
just an
John Clizbe :
I'm perfectly fine with bumping
the minimums to Ocaml 3.12.1
Reading http://caml.inria.fr/distrib/ocaml-3.11/notes/Changes apparently
IPV6_ONLY is available since Objective Caml 3.11.0.
--
Kim Minh
___
Sks-devel mailing list
On 11/27/2013 04:30 PM, Phil Pennock wrote:
On 2013-11-27 at 12:57 -0500, Daniel Kahn Gillmor wrote:
i'm running sks 1.1.4 on Debian GNU/Linux, wheezy, amd64 (x86_64)
platform.
I see the following situation in the logs of the recon process (this is
just an example, it seems to happen to all
i'm running sks 1.1.4 on Debian GNU/Linux, wheezy, amd64 (x86_64)
platform.
I see the following situation in the logs of the recon process (this is
just an example, it seems to happen to all my IPv4 peers):
2013-11-27 12:37:17 address for sks-peer.spodhuis.org:11370 changed from [] to
i'm running sks 1.1.4 on Debian GNU/Linux, wheezy, amd64 (x86_64)
platform.
1.1.3, squeeze/i386
Can anyone with a dual-stack machine (both IPv6 and IPv4) verify a
successful connection from an IPv4-only peer in their recon logs?
I can see no similar log messages.
Gabor
Daniel Kahn Gillmor :
2013-11-27 12:37:17 Reconciliation attempt from unauthorized host ADDR_INET
[:::94.142.241.93]:54518. Ignoring
What does your sksconf file look like? It should explicitly list all the
IP address you want to serve.
--
Kim Minh
On 2013-11-27 at 12:57 -0500, Daniel Kahn Gillmor wrote:
i'm running sks 1.1.4 on Debian GNU/Linux, wheezy, amd64 (x86_64)
platform.
I see the following situation in the logs of the recon process (this is
just an example, it seems to happen to all my IPv4 peers):
2013-11-27 12:37:17
Hi Daniel,
On 11/27/2013 06:57 PM, Daniel Kahn Gillmor wrote:
i'm running sks 1.1.4 on Debian GNU/Linux, wheezy, amd64 (x86_64)
same, but sks 1.1.3, on a virtual machine (kvm/qemu).
Can anyone with a dual-stack machine (both IPv6 and IPv4) verify a
successful connection from an IPv4-only
16 matches
Mail list logo