Date: Sun, 19 Sep 2010 14:55:28 -0400 From: Mark Kamichoff <prox@prolixium.com> To: freebsd-stable@freebsd.org Subject: Re: BIND9 built w/--disable-ipv6 on 8.1-STABLE Message-ID: <20100919185528.GA28845@prolixium.com> In-Reply-To: <20100919183721.GA17616@prolixium.com> References: <20100919183721.GA17616@prolixium.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--RnlQjJ0d97Da+TV1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Sep 19, 2010 at 02:37:21PM -0400, Mark Kamichoff wrote: > I just noticed (well, via a discussion in #ipv6 on freenode) that the > default configure arguments for BIND9 on 8.1 include '--disable-ipv6'. >=20 > % grep CONFIGARGS /usr/src/usr.sbin/named/Makefile=20 > CONFIGARGS=3D'--prefix=3D/usr' '--infodir=3D/usr/share/info' > '--mandir=3D/usr/share/man' '--enable-threads' '--disable-ipv6' > '--enable-getifaddrs' '--disable-linux-caps' '--with-openssl=3D/usr' > '--with-randomdev=3D/dev/random' >=20 > This results in BIND9 not listening on IPv6 sockets, even if the > listen-on-v6 directive is explicitly configured in the configuration > file. Even worse, and why I didn't pick up on it until now, is that no > warnings or errors are emitted about this during startup, although I > suppose that is more of a BIND problem than a FreeBSD one. Strangely > enough, the control socket still listens on ::1 in addition to > 127.0.0.1. >=20 > Does anyone know why this was done, or if there's any harm in reenabling > it and rebuilding? Well, you can safely ignore this! I realized afterwards that '--disable-ipv6' just disables the default use of IPv6 in BIND, it doesn't completely disable the protocol. Turns out I was querying the wrong address with DIG when testing this, too. listen-on-v6 certainly works as expected, and enables IPv6 like it should. Although, that still does beg the question, why don't we want IPv6 enabled by default on new BIND installations? - Mark --=20 Mark Kamichoff prox@prolixium.com http://www.prolixium.com/ --RnlQjJ0d97Da+TV1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyWXKAACgkQ0TYC9KtF8BPJKgCeMyQA2FLrz3t7TqzNXc7bt/GQ xAcAnj3XEXwppM1+JFnWuSd6nmdtyUHi =4roe -----END PGP SIGNATURE----- --RnlQjJ0d97Da+TV1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100919185528.GA28845>