Date: Wed, 24 Jul 2002 11:54:23 +0200 (CEST) From: BOUWSMA Beery <freebsd-misuser@ipv6.netscum.dyndns.dk> To: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: 6to4 default Message-ID: <200207240954.g6O9sN921234@MAIL.NetScum.DynDNS.dK> In-Reply-To: <ygefzy9u69z.wl@lyrics.mahoroba.org> References: <E17XAIE-000CkO-00@rip.psg.com> <ygefzy9u69z.wl@lyrics.mahoroba.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[IPv6-only address above; strip the obvious for IPv4-only mail] > randy> why is > randy> ipv6_ipv4mapping="YES" # Set to "NO" to disable IPv4 mapped IPv6 addr > randy> # communication. (like ::ffff:a.b.c.d) > randy> in /etc/defaults/rc.conf > I don't understand your question. In anyway, I have a plan to change > the default to NO for 5-CURRENT before 5.0-RELEASE is out. But, I > have no plan for 4-STABLE due to avoid POLA violation. I agree that the default for this should be `NO' (at least in -current), just as it is in the NetBSD-current I've been using. There are some POLA issues with it set to `YES' -- such as, what are intended to be tcp6-only services can be accessed via IPv4 from everywhere, and filtering via IPv4 gets b0rken when the incoming connection is translated to ::ffff:a.b.c.d -- at least, that was my experience. In other words, you get tcp46 services and no way to access a service with IPv6-only. Of course, there are other POLA issues with setting this to `NO' as well -- I experienced that the `apache2' port would then only listen to IPv6 by default, which was confirmed in a NetBSD gnats bug report from Jason Thorpe that doesn't appear to have a resolution. (My solution was to explicitly listen to `0.0.0.0:80' as well as the default `80' in the config file, which seems to do the job) thanks barry bouwsma To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207240954.g6O9sN921234>