Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Jul 2002 11:54:23 +0200 (CEST)
From:      BOUWSMA Beery <freebsd-misuser@ipv6.netscum.dyndns.dk>
To:        FreeBSD Stable <freebsd-stable@freebsd.org>
Subject:   Re: 6to4 default
Message-ID:  <200207240954.g6O9sN921234@MAIL.NetScum.DynDNS.dK>
In-Reply-To: <ygefzy9u69z.wl@lyrics.mahoroba.org>
References:  <E17XAIE-000CkO-00@rip.psg.com> <ygefzy9u69z.wl@lyrics.mahoroba.org>

next in thread | previous in thread | raw e-mail | index | archive | help
[IPv6-only address above; strip the obvious for IPv4-only mail]


> randy> why is
> randy> ipv6_ipv4mapping="YES"           # Set to "NO" to disable IPv4 mapped IPv6 addr
> randy>                          # communication. (like ::ffff:a.b.c.d)
> randy> in /etc/defaults/rc.conf

> I don't understand your question.  In anyway, I have a plan to change
> the default to NO for 5-CURRENT before 5.0-RELEASE is out.  But, I
> have no plan for 4-STABLE due to avoid POLA violation.

I agree that the default for this should be `NO' (at least in
-current), just as it is in the NetBSD-current I've been using.

There are some POLA issues with it set to `YES' -- such as,
what are intended to be tcp6-only services can be accessed via
IPv4 from everywhere, and filtering via IPv4 gets b0rken when
the incoming connection is translated to ::ffff:a.b.c.d -- at
least, that was my experience.  In other words, you get tcp46
services and no way to access a service with IPv6-only.

Of course, there are other POLA issues with setting this to `NO'
as well -- I experienced that the `apache2' port would then
only listen to IPv6 by default, which was confirmed in a NetBSD
gnats bug report from Jason Thorpe that doesn't appear to
have a resolution.  (My solution was to explicitly listen to
`0.0.0.0:80' as well as the default `80' in the config file,
which seems to do the job)


thanks
barry bouwsma


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207240954.g6O9sN921234>