tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]


I have some questions on net.inet6.ip6.v6only.

First: What does it mean, exactly?
My best guess is "a socket created with a domain argument of PF_INET6 will not
conect() to a RFC 3493 v6-mapped v4 address".

Second: What's the rationale behind the default being 1?

Third: What's the drawback (or what are the security implications) of setting
the knob to 0, i.e. enabling mapped addresses? My impression is that neither
squid nor lighttpd will, on a host with non-local v6 adresses, work correctly
without because they (on a v6 host) will only create PF_INET6 sockets and then
try to connect to v6-mapped v4 adresses.

Home | Main Index | Thread Index | Old Index