Heikki, That works. Thanks for the info, as I did not find it in the reference manual. I just looked, and my reference manual is a PDF from 2008. I will update ASAP.
Thanks again. -Jason On Jun 21, 2013, at 10:49 AM, Heikki Vatiainen <h...@open.com.au> wrote: > On 06/21/2013 04:06 PM, Mueller, Jason C wrote: >> I am trying to enable IPv6 on Radiator 4.11. > > See the reference manual section "5.5 Address binding" for more > information, but in short by default in Linux: > - BindAddress ipv6::: allows the socket to receive *both* IPv4 and IPv6 > UDP packets > - BindAddress 0.0.0.0 is for IPv4 only > - Using BindAddress 0.0.0.0,ipv6::: does not work since no matter which > order the wildcard addresses are listed, the IPv4 wildcard is tried to > be used twice > > The reason and solution are described here: > http://tools.ietf.org/html/rfc3493#section-5.3 > > "When this option is turned on, > the socket can be used to send and receive IPv6 packets only." > > The option is IPV6_V6ONLY and the system default can be switched from > (off) to on like this: > > # echo 1 > /proc/sys/net/ipv6/bindv6only > or > % sudo sysctl net.ipv6.bindv6only=1 > > Once you do this, you can have > BindAddress 0.0.0.0,ipv6::: > or > BindAddress ipv6:::0.0.0.0 > > because there's no more magic related to the different address families > in the wildcard anymore. > > >> When using the BindAddress configuration parameter, I have to specify an >> IPv6 address. When I specify an address that is in use by the local system, >> Radiator successfully binds to the IPv6 address. For example, I have a line >> like this in my radius.cfg file which does work: >> BindAddress 0.0.0.0,ipv6:2620:0:e50:200::5 >> >> However, I would prefer to use an IPv6 equivalent to IPv4's 0.0.0.0. The >> reason is that I would like the same configuration file to work across >> multiple systems. This simplifies management and allows for easy >> synchronization. >> >> I have tried ipv6:::, but that did not work. > > Actually it should work if you do this: > BindAddress ipv6::: > since ipv6::: will take care of both address families. > >> I also tried putting in a list of IPv6 addresses for each of the systems, >> thinking that it would successfully bind only to the IPv6 address locally >> configured and ignore the rest, but Radiator refuses to bind to any IPv6 >> addresses if there is a list of IPv6 addresses and one of them does not >> exist locally. For example, the following fails on a system configured with >> 2620:0:e50:200::5, because the address 2620:0:e50:300::5 does not exist on >> the system: >> BindAddress 0.0.0.0,ipv6:2620:0:e50:200::5,ipv6:2620:0:e50:300::5 > > That's correct. If the address is non-wildcard, the bind must succeed > currently. > >> I am hoping that someone has an IPv6 equivalent to 0.0.0.0 that works with >> Radiator. If not, any ideas that can help me keep the same config file >> across multiple systems when using IPv6 (like I can do with IPv4) would be >> appreciated. > > I think the most clear option is to turn on IPV6_V6ONLY and then use > BindAddress 0.0.0.0,ipv6:::. Then both IPv4 and IPv6 can be treated as > completely different protocols which they in practice pretty much are. > > However, the system defaults with BindAddress ipv6::: will take care of > IPv4 and IPv6 messages received by any address the host has. > > Thanks, > Heikki > > -- > Heikki Vatiainen <h...@open.com.au> > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, > TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, > DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, > NetWare etc. > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
