Currently, if IPv6-enabled rsync is run as --daemon, it will perform a wildcard bind(2) on an AF_INET6 socket and expect that IPv4 traffic will be forwarded to the v6 socket (IPv4 mapped address, RFC2553). This has never worked on OpenBSD which disallows IPv4 mapped addresses for security reasons. On FreeBSD 5.0-CURRENT, where the behavior is subject to configuration, the default was switched to "disable" a few days ago. According to their man page, NetBSD share this. Server processes that are to deal with IPv4 and IPv6 traffic will have to bind to two sockets, one for each protocol family. Servers that fail to do so and rely on the old IPv4 mapped addresses will end up handling IPv6 only. Symptoms on typical IPv6-enabled but only IPv4-connected hosts are that the daemon appears to be running fine but can't be reached. netstat -a will show a protocol type of tcp6 instead of the expected tcp46. Workarounds for IPv4-only users include specifying an appropriate --address or building rsync with --disable-ipv6. Currently, rsync in daemon mode is only designed to read from a single socket. Extending this to two sockets will require a bit of reworking, e.g. introducing a select(2) loop. This also suggests extending --address to accept multiple addresses (or allow multiple --address arguments). Altogether that's a bit more than I feel confident to tackle... -- Christian "naddy" Weisgerber naddy@mips.inka.de
NetBSD has the same problem On Sun, 28 Jul 2002 17:36:07 +0000 (UTC) naddy@mips.inka.de (Christian Weisgerber) wrote:> Currently, if IPv6-enabled rsync is run as --daemon, it will perform > a wildcard bind(2) on an AF_INET6 socket and expect that IPv4 traffic > will be forwarded to the v6 socket (IPv4 mapped address, RFC2553). > > This has never worked on OpenBSD which disallows IPv4 mapped addresses > for security reasons. On FreeBSD 5.0-CURRENT, where the behavior > is subject to configuration, the default was switched to "disable" > a few days ago. According to their man page, NetBSD share this. > > Server processes that are to deal with IPv4 and IPv6 traffic will > have to bind to two sockets, one for each protocol family. Servers > that fail to do so and rely on the old IPv4 mapped addresses will > end up handling IPv6 only. > > Symptoms on typical IPv6-enabled but only IPv4-connected hosts are > that the daemon appears to be running fine but can't be reached. > netstat -a will show a protocol type of tcp6 instead of the expected > tcp46. > > Workarounds for IPv4-only users include specifying an appropriate > --address or building rsync with --disable-ipv6. > > Currently, rsync in daemon mode is only designed to read from a single > socket. Extending this to two sockets will require a bit of reworking, > e.g. introducing a select(2) loop. This also suggests extending > --address to accept multiple addresses (or allow multiple --address > arguments). Altogether that's a bit more than I feel confident to > tackle... > > -- > Christian "naddy" Weisgerber naddy@mips.inka.de > > -- > To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync > Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html >-- -- ==============================================================Christophe Prevotaux Email: c.prevotaux@hexanet.fr HEXANET SARL URL: http://www.hexanet.fr/ Z.A.C Les Charmilles Tel: +33 (0)3 26 79 30 05 3 All?e Thierry Sabine Direct: +33 (0)3 26 61 77 72 BP202 Fax: +33 (0)3 26 79 30 06 51686 Reims Cedex 2 FRANCE HEXANET Network Operation Center ===============================================================
I already posted about this ,but nobody seemesd to care On Sun, 28 Jul 2002 17:36:07 +0000 (UTC) naddy@mips.inka.de (Christian Weisgerber) wrote:> Currently, if IPv6-enabled rsync is run as --daemon, it will perform > a wildcard bind(2) on an AF_INET6 socket and expect that IPv4 traffic > will be forwarded to the v6 socket (IPv4 mapped address, RFC2553). > > This has never worked on OpenBSD which disallows IPv4 mapped addresses > for security reasons. On FreeBSD 5.0-CURRENT, where the behavior > is subject to configuration, the default was switched to "disable" > a few days ago. According to their man page, NetBSD share this. > > Server processes that are to deal with IPv4 and IPv6 traffic will > have to bind to two sockets, one for each protocol family. Servers > that fail to do so and rely on the old IPv4 mapped addresses will > end up handling IPv6 only. > > Symptoms on typical IPv6-enabled but only IPv4-connected hosts are > that the daemon appears to be running fine but can't be reached. > netstat -a will show a protocol type of tcp6 instead of the expected > tcp46. > > Workarounds for IPv4-only users include specifying an appropriate > --address or building rsync with --disable-ipv6. > > Currently, rsync in daemon mode is only designed to read from a single > socket. Extending this to two sockets will require a bit of reworking, > e.g. introducing a select(2) loop. This also suggests extending > --address to accept multiple addresses (or allow multiple --address > arguments). Altogether that's a bit more than I feel confident to > tackle... > > -- > Christian "naddy" Weisgerber naddy@mips.inka.de > > -- > To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync > Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html >-- -- ==============================================================Christophe Prevotaux Email: c.prevotaux@hexanet.fr HEXANET SARL URL: http://www.hexanet.fr/ Z.A.C Les Charmilles Tel: +33 (0)3 26 79 30 05 3 All?e Thierry Sabine Direct: +33 (0)3 26 61 77 72 BP202 Fax: +33 (0)3 26 79 30 06 51686 Reims Cedex 2 FRANCE HEXANET Network Operation Center ===============================================================