On 01/28/2012 02:14 PM, Simon Iremonger wrote:
Package: nginx
Version: 1.1.12-1
Severity: normal
Tags: ipv6
Hi Simon.
The version of nginx in Squeeze [0.7.67-3], without any reconfiguration,
[in particular, without adding any explicit "listen" configuration],
happily creates both a 0.0.0.0:80 IPv4-only and a [::]:80 IPv6-only
socket.
However, BOTH the nginx wheezy [1.1.12-1] and squeeze-backports
[1.1.8-2~bpo60+1] versions, have the default behaviour (with
similar default-config, no "listen" lines) of listening ONLY
for Legacy IPv4 connections!!
This is bad when you have a dual-stacked host with both A and AAAA
pointers.
For example, squid3 on the same host, connecting to the host itself
by its' own name, gets 'connection refused' over IPv6 and doesn't
seem to fall back to IPv4 at all.
This can currenty be worked around by manually overriding the 'listen'
entries in the config, to have either an IPv4 socket AND an
IPv6-only-IPv6-listen-socket, or a single IPv6-with-IPv4-
compatibility listen socket.
We could, change the, default config file included, which creates
complexity in updating, though this may be needed to make
the comments in the file clear as to what is expected by default.
The "listen" lines are already commented, but maybe we can add some
words to make a more clear comment, like "## uncomment this line to
listen for ipv6 and ipv4" instead of "## listen for ipv6".
I also use dual stack and frankly, I don't understand why this a bad
bug. Everytime I upgrade a service which is in dual stack, I test both
connectivity. So it's just a matter of uncommenting a line and restart
the service.
And when I perform this kind of action on a production server, I always
test it on another server (even a virtual machine).
I would think, a neater thing to do would be to patch the code to
default to IPv4+IPv6 sockets, unless the user overrides it
in the config-file...
I don't agree with you. IPv6 is not actually widespread, as many servers
only operate with IPv4. So this could lead to other issues.
Also I think it's not the aim of the Debian packaging to change such
function in a packaged software. As the official documentation won't be
applicable on this nginx build.
But if you think you are right, you can still fill a bug directly to the
nginx project (or send a mail to the mailing list).
--Simon
Thanks.
--
Cyril "Davromaniak" Lavier
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org