File: IPv6.txt

package info (click to toggle)
alpine 1.10%2Bdfsg-3
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 26,036 kB
  • ctags: 21,767
  • sloc: ansic: 308,814; tcl: 19,749; sh: 9,822; makefile: 1,926; perl: 189; exp: 69; csh: 48; sed: 16
file content (131 lines) | stat: -rw-r--r-- 4,816 bytes parent folder | download | duplicates (17) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
 
/* ========================================================================
 * Copyright 1988-2006 University of Washington
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * 
 * ========================================================================
 */

The following information about configuring inetd and xinetd for IPv6 was
contributed by a user.  I have not checked it for accuracy or completeness,
but have included it as-is in the hope that it may be useful:

---------------------------------------------------------------------------
One thing you might consider adding to the docs are hints for setting up
inetd or xinetd to simultaneously listen on BOTH IPv4 and IPv6 for
different OS.

Some OS want to see separate IPv4-only and IPv6-only listening sockets
configured in inetd.conf or xinetd.conf.  Others will accept IPv4
connections on lines configured for IPv6 and actually generate errors if
you have both configured when inetd or xinetd start up.  It's not clear to
me whether this difference is due to how inetd or xinetd are built or
whether it's due to the kernel's IP stack implementation.  I suspect it's
really the latter.  Below are some examples:

Here's a fragment of /usr/local/etc/xinetd.conf for a FreeBSD 4.9 server:

service imap
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = /usr/local/libexec/imapd
}
service imap
{
        flags           = IPv6
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = /usr/local/libexec/imapd
}
service imaps
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = /usr/local/libexec/imapd
}
service imaps
{
        flags           = IPv6
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = /usr/local/libexec/imapd
}

Note that you have to specify a nearly identical paragraph for each
service which differs only by the 'flags = IPv6'.  An equivalent
inetd.conf would look something like:

imap  stream  tcp     nowait  root    /usr/local/libexec/imapd        imapd
imap  stream  tcp6    nowait  root    /usr/local/libexec/imapd        imapd
imaps stream  tcp     nowait  root    /usr/local/libexec/imapd        imapd
imaps stream  tcp6    nowait  root    /usr/local/libexec/imapd        imapd

The man pages for inetd suggest that if you use a single entry with
'tcp46' replacing either 'tcp' or 'tcp6' the system will listen on both
types of addresses.  At least for the case of FreeBSD this is actually
incorrect.

Now if you were to use the above xinetd.conf on Fedora Linux, it would
complain.  What does work under Linux is to create a single service
paragraph for each service which will accept connections on both IPv4 and
IPv6:

In /etc/xinetd.d/imap:

service imap
{
        flags       = IPv6
        disable     = no
        socket_type = stream
        wait        = no
        user        = root
        server      = /usr/local/sbin/imapd
}

In /etc/xinetd.d/imaps:

service imaps
{
        flags       = IPv6
        disable     = no
        socket_type = stream
        wait        = no
        user        = root
        server      = /usr/local/sbin/imapd
}

The man page for xinetd says the IPv6 flag means xinetd will listen ONLY
on IPv6.  However the actual behaviour (for Fedora Linux) is to listen on
both IPv4 and IPv6.

All of the above also applies to ipop3d.  Anyway, this might save some
folks a little bit of head scratching time.
---------------------------------------------------------------------------
Addendum from the original submitter:
---------------------------------------------------------------------------
I've since learned that the discrepancy really is a function of the OS.
It seems those systems that force you to create separate IPv4 and IPv6
listeners in inetd (or xinetd) are the same systems that also disable
IPv4-mapped IPv6 addresses by default.  This is a boot-time configuration
option.  If you enable IPv4-mapped IPv6 addresses, then the 'tcp46' option
in inetd works and the simplified config would look like:

imap4   stream  tcp46   nowait  root    /usr/local/libexec/imapd        imapd
imaps   stream  tcp46   nowait  root    /usr/local/libexec/imapd        imapd

In FreeBSD, enabling IPv4-mapped addresses is done by adding
ipv6_ipv4mapping="YES" to /etc/rc.conf (in addition to ipv6_enable="YES").