Hi Patrick, I was testing with ACLs on several Linux machines trying to allow access from localhost and a remote address. The machines use both IPv4 and IPv6 on different network interfaces. Localhost is being translated to IPv6 ::1.
I was trying to set an ACL allowing access from localhost and a remote machine. The remote machine uses IPv4 in this case, but localhost is IPv6, so that the ACL declared for 127.0.0.1 is not recognized. My workaround is currently enforcing the JVMs to use IPv4 in any case by setting the command line argument -Djava.net.preferIPv4Stack=true on all zookeeper server and client instances. ciao Thomas -----Ursprüngliche Nachricht----- Von: Patrick Hunt [mailto:[email protected]] Gesendet: Mittwoch, 4. Oktober 2017 19:52 An: UserZooKeeper <[email protected]> Betreff: Re: ZooKeeper 3.4.9: ACL based on IPv6 addresses Hi Thomas, I don't have any experience with this but I'm interested to know if you figured this out? If so would you be able to submit a jira and patch with a doc change explaining it? Or at the very least submit a jira explaining so that someone else can replicate/document? Thanks! Patrick On Wed, Sep 27, 2017 at 2:57 AM, Thomas Ta Keßler < [email protected]> wrote: > Hello, > > I would like to configure some ACL based on IPv6 addresses. > Unfortunately I do not find any documentation on this topic. The only > documentation refers to IPv4 addresses, a command would look like this using > CLI: > setAcl / ip:127.0.0.1:crdwa,ip:10.179.82.34:crdwa > > Does anyone know how to do it? Or maybe as a workaround how to > configure hostname based ACLs? > > Thank you... > Thomas >
