Why is it that suddenly everyone is an expert in double-stack programming? Brian May:
>> For me, bindv6only=0 seems like an ugly hack designed to make existing >> applications work without change. Bindv6only=0 is a way to allow servers to be written to listen to just one socket, which allows making blocking accept calls. With bindv6only=1, you need to listen on two sockets simultaneously, which requires some mildly more complex code (either forking or calling select/poll.) (Yes, I know about setsockopt(IPV6_V6ONLY), and I use it whenever possible, but that's not portable.) Henrique de Moraes Holschuh: > one probably has to mess with /etc/gai.conf [...] > On a dual stack box and any application that does NOT work in ipv6only=1 > mode, you likely have to firewall/ACL off IPv4, IPv6, IPv4-mapped-in-IPv6 > ([::ffff:a.b.c.d]) and IPv6-compatible-IPv4 ([::a.b.c.d]). Icky. I suspect you don't really don't know what you're speaking about. With bindv6only=0, a v6 socket bound to :: will not accept v4 connections, full stop. With bindv6only=0, connecting a v6 socket to a v4-mapped address will not work, full stop. No amount of tweaking /etc/gai.conf, no amount of firewalling will change the above facts. Juliusz
pgpVsWjX2jDN7.pgp
Description: PGP signature