Quoth Hiroki Sato <h...@freebsd.org>: > Gregory Shapiro <gshap...@freebsd.org> wrote > in <20130108180920.gj36...@rugsucker.smi.sendmail.com>: > > gs> > How can I unstupid sendmail here? > gs> > gs> I don't think sendmail is being stupid here as it is doing what it has > gs> been doing under 8.x and 9.1 (the code is the same). I think > gs> something changed with the upgrade to 9.1. As far as tracking it > gs> down, the sendmail code does: > gs> > gs> getipnodebyname("acme.spoerlein.net", AF_INET6, AI_DEFAULT|AI_ALL, > gs> &err); > gs> > gs> This will only return an IPv4 mapped address if: > gs> > gs> 1. There are no IPv6 addresses configured on the interfaces. <snip> > gs> > gs> 2. The query for an AAAA record for acme.spoerlein.net failed. > gs> <snip>
This is not quite right. AI_DEFAULT is AI_V4MAPPED | AI_ADDRCONFIG. AI_V4MAPPED says 'if there are no AAAA records, query for A records and return them as v4-mapped addresses'. AI_ALL is only valid with AI_V4MAPPED, and says 'always query for A records and return v4-mapped addresses'. AI_ADDRCONFIG says 'only query for AAAA records if there is at least one interface with an IPv6 address; only query for A records if there is at least one interface with an IPv4 address'. (Loopback explicitly doesn't count for this purpose.) The resulting list of addresses is sorted according to ip6addrctl. So getipnodebyname is behaving correctly here: the host has both IPv4 and IPv6 addresses, and Sendmail is requesting both native and v4-mapped addresses be returned in all cases. The v4-mapped addresses are then sorted to the top of the list. On FreeBSD, where net.inet6.ip6.v6only is on by default, I believe this is incorrect, and Sendmail should be passing 0 for the flags argument, unless it's going to check or clear the IPV6_V6ONLY socket option. There is no point binding a socket to a v4-mapped address if the kernel isn't going to deliver IPv4 connections to it. Sendmail should also be binding to all the addresses returned, if it isn't already, rather than just the first: this would make the problem go away, since both v4-mapped and native IPv6 sockets would be bound, and the v4-mapped ones would simply never get any connections. Fixing this by setting ipv6_prefer is not necessarily a good idea; this will cause IPv6 addresses to be preferred across the whole system, and unless your IPv6 connectivity is at least as good as your IPv4, that probably isn't what you want. > Just curious, but is there any specific reason not to return an error > when Family=inet6 and no AAAA RR? In this case, Sendmail explicitly requested that v4-mapped addresses be returned in all cases... Ben _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"