Does this mean that we can't bind to IPv4 and IPv6 separately on Linux to not get v6 mapped v4 addresses?
Am 2011-06-09 19:50, schrieb Heikki Vatiainen: > On 06/09/2011 05:37 PM, Dyonisius Visser wrote: >> Well, I installed a second instance on a dual stack host, and I tested >> various combinations: > Thanks for the summary. > >> BindAddress 192.87.30.31,ipv6:2001:610:148:dead::31 >> I.e. hardcoded addresses - this works, both IPv4 and IPv6 clients work >> >> BindAddress ipv6::: >> IPv4 blocked (NOTICE: Request from unknown client 192.87.30.32: ignored) > This should work if you specify your client like this: > > <Client ipv6:::ffff:192.87.30.32> > > Since the request arrived over IPv4 but was delivered to the application > by IPv6 wildcard socket, the IPv4 address is presented as an IPv6 > address. See > > http://tools.ietf.org/html/rfc4291#section-2.5.5 > > section "2.5.5.2. IPv4-Mapped IPv6 Address". The purpose of this mapping > is to let the application to know was the message received over IPv6 or > IPv4 since the socket can handle both protocols. > > >> BindAddress 0.0.0.0 >> This is the default. IPv4 clients work. IPv6 clients DO NOT work, >> and worse, nothing is logged by radiator, no "request from unknown >> client 2001:610:blah:blah" >> >> BindAddress ipv6:::,0.0.0.0 >> Startup gives some errors, and only IPv6 works: >> Thu Jun 9 16:25:54 2011: DEBUG: Finished reading configuration file >> '/etc/radiator/radius.cfg' >> Thu Jun 9 16:25:54 2011: DEBUG: Reading dictionary file >> '/etc/radiator/db/dictionary' >> Thu Jun 9 16:25:54 2011: DEBUG: Creating authentication port ipv6::::1812 >> Thu Jun 9 16:25:54 2011: DEBUG: Creating accounting port ipv6::::1813 >> Thu Jun 9 16:25:54 2011: DEBUG: Creating authentication port 0.0.0.0:1812 >> Thu Jun 9 16:25:54 2011: ERR: Could not bind authentication socket: >> Address already in use >> Thu Jun 9 16:25:54 2011: DEBUG: Creating accounting port 0.0.0.0:1813 >> Thu Jun 9 16:25:54 2011: ERR: Could not bind accounting socket: >> Address already in use >> Thu Jun 9 16:25:54 2011: NOTICE: Server started: Radiator 4.8 on radius >> Thu Jun 9 16:25:55 2011: NOTICE: Request from unknown client >> 145.100.98.42: ignored >> >> BindAddress 0.0.0.0,ipv6::: >> Also some errors, only IPv4 works, and also nothing logged when an >> IPv6 client connects: >> Thu Jun 9 16:27:42 2011: DEBUG: Finished reading configuration file >> '/etc/radiator/radius.cfg' >> Thu Jun 9 16:27:42 2011: DEBUG: Reading dictionary file >> '/etc/radiator/db/dictionary' >> Thu Jun 9 16:27:42 2011: DEBUG: Creating authentication port 0.0.0.0:1812 >> Thu Jun 9 16:27:42 2011: DEBUG: Creating accounting port 0.0.0.0:1813 >> Thu Jun 9 16:27:42 2011: DEBUG: Creating authentication port ipv6::::1812 >> Thu Jun 9 16:27:42 2011: ERR: Could not bind authentication socket: >> Address already in use >> Thu Jun 9 16:27:42 2011: DEBUG: Creating accounting port ipv6::::1813 >> Thu Jun 9 16:27:42 2011: ERR: Could not bind accounting socket: >> Address already in use >> Thu Jun 9 16:27:42 2011: NOTICE: Server started: Radiator 4.8 on radius >> >> >> So the only way I can radiator to accept requests from both protocols, >> is to hardcode the interface addresses. >> >> Would it be possible to have radiator listen to 4+6 without hard coding? >> >> I think that option (whatever it looks like) should be the default. >> >> If possible, can the behavior of the current default ('BindAddress >> 0.0.0.0') be changed so that it actually logs ignored incoming >> requests? >> I've spend quite some time figuring out what is going on, and only >> tcpdump revealed that requests are actually reaching my box. >> >> Thanks :-) >> > *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien Handelsgericht Wien, FN 79340b *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* Notice: This e-mail contains information that is confidential and may be privileged. If you are not the intended recipient, please notify the sender and then delete this e-mail immediately. *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator