net.inet6.ip6.v6only

To: tech-net%netbsd.org@localhost
Subject: net.inet6.ip6.v6only
From: Edgar Fuß <ef%math.uni-bonn.de@localhost>
Date: Thu, 18 Apr 2013 15:05:53 +0200

I have some questions on net.inet6.ip6.v6only.

First: What does it mean, exactly?
My best guess is "a socket created with a domain argument of PF_INET6 will not
conect() to a RFC 3493 v6-mapped v4 address".

Second: What's the rationale behind the default being 1?

Third: What's the drawback (or what are the security implications) of setting
the knob to 0, i.e. enabling mapped addresses? My impression is that neither
squid nor lighttpd will, on a host with non-local v6 adresses, work correctly
without because they (on a v6 host) will only create PF_INET6 sockets and then
try to connect to v6-mapped v4 adresses.

Follow-Ups:
- Re: net.inet6.ip6.v6only
  - From: Joerg Sonnenberger
- Re: net.inet6.ip6.v6only
  - From: Greg Troxel

Prev by Date: Re: Seeking opinion on where networking-related user space code should go
Next by Date: Re: net.inet6.ip6.v6only
Previous by Thread: Seeking opinion on where networking-related user space code should go
Next by Thread: Re: net.inet6.ip6.v6only
Indexes:

Home | Main Index | Thread Index | Old Index