On 12/03/2013 06:11 AM, Karl Schmitz wrote: > maybe you should suggest adding the IPv4 compatibility DNS record (i.e., > *sks-peer AAAA ::ffff:94.142.241.93*) to the administrator of > sks-peer.spodhuis.org. > > To see if that'll work out, try adding an equivalent record to your > /etc/hosts temporarily.
I tested this by adding duplicate records to /etc/hosts on zimmermann.mayfirst.org for a couple of IPv4-only keyservers that zimmermann is peering with. even after touching /etc/sks/membership, the sks recon process did not pick up the new addresses, but it did pick them up when i restarted sks recon. This does appear to work for me. I included both the normal IPv4 and the IPv6-translated addresses for the hosts in question. for example: 204.13.164.120 keys.indymedia.org ::ffff:204.13.164.120 keys.indymedia.org the downside to this approach seems to be that i can't actually connect to those peers on the ::ffff:W.X.Y.Z address, since they do not have an IPv6 stack set up. It seems unlikely that people with a non-IPv6 setup would want to publish that AAAA record, since it won't work for communicating with them. It also seems like a bad idea for me to keep these addresses hard-coded in /etc/hosts, since DNS assignments might change. One approach to fix this would be to consider ::ffff:W.X.Y.Z the same as W.X.Y.Z. Here's a clunky way to do that (i'd be happy to see a better mechanism proposed by someone who really knows ocaml): ---------------- diff -r 0b577212aab4 membership.ml --- a/membership.ml Tue Sep 17 16:40:47 2013 -0400 +++ b/membership.ml Tue Dec 03 11:53:02 2013 -0500 @@ -156,9 +156,16 @@ let (m,mtime) = !membership in membership := (m,0.) +let compare_v4_v6 a b = + let a_s = Unix.string_of_inet_addr a in + let b_s = Unix.string_of_inet_addr b in + let prefix = "::ffff:" in + a_s = prefix ^ b_s || b_s = prefix ^ a_s + let same_inet_addr addr1 addr2 = match (addr1,addr2) with - (Unix.ADDR_INET (ip1,_), Unix.ADDR_INET (ip2,_)) -> ip1 = ip2 + (Unix.ADDR_INET (ip1,_), Unix.ADDR_INET (ip2,_)) -> + ip1 = ip2 || compare_v4_v6 ip1 ip2 | _ -> false let rec choose () = ---------------- --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel