tech-net archive


Re: connect to 0.0.0.0 vs ::



On 13 Feb, 2015, at 09:57 , Manuel Bouyer <bouyer%antioche.eu.org@localhost> wrote:
> On Fri, Feb 13, 2015 at 09:37:06AM -0800, Dennis Ferguson wrote:
>> I wouldn't have expected this to work for either protocol.  The only
>> standard use of 0.0.0.0 and :: is as a source address, never a
>> destination (though standards for on-the-wire behaviour don't
>> necessarily dictate what goes on inside a host), while 127.0.0.1
>> and ::1 are explicitly meant to be used for this so I don't quite
>> get why it would want to use something else.  I'm struggling to
>> think of a problem that allowing this behaviour would solve.
> 
> It's laziness from the apache developers I guess.
> But connecting to 127.0.0.1 or ::1 isn't guaranteed to work either:
> the httpd server may listen on a public address but not on the localhost
> addresses, depending on what's in the configuration.
> 
> What they do is to connect to one of the listen addresses (the last one from
> the list it seems). You can specify the listen address as 0.0.0.0 or ::,
> if you don't want to restrict to a specific address. The apache
> developers assume using this as destination address will also connect to
> one of the local addresses.

Got it.  As soon as I sent the last note I figured out why this is probably
a good idea.  If you run on a host without a loopback address for whatever
reason (if you use multiple routing tables/vrf's/domains it can be boring
to configure a loopback in every one) there should still be a way to
connect to local services without having to parse interface configuration
to find an address to connect to.  I think IPv6 should work this way
too.

I'm still wondering about the exact semantics, though.  If you restrict
your service to a local address that isn't 127.0.0.1, does telnet 0.0.0.0 80
still pick 127.0.0.1 for the connection, or does it find an address that
the port 80 service is actually listening for?  That is, is the 0.0.0.0
replaced by just any address, or does it actually go and look for addresses
bound to the port 80 listener?

Dennis Ferguson
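
The semantics question above can be checked empirically on a given host. The following is an added example, not part of the original message and not code from NetBSD or Apache: it opens a listener on an ephemeral port, connects to the unspecified address, and reports which destination address the accepted connection actually has. The names probe and survey are hypothetical, and the results depend on the operating system.

```python
import socket

def probe(bind_addr, dest_addr, family=socket.AF_INET, timeout=2.0):
    """Listen on bind_addr (ephemeral port), then connect to dest_addr.

    Returns (destination address as seen by the server side,
             source address chosen for the client),
    or None if the listener could not be created or the connect failed.
    """
    try:
        with socket.socket(family, socket.SOCK_STREAM) as srv:
            srv.settimeout(timeout)
            srv.bind((bind_addr, 0))           # port 0: kernel picks a free port
            srv.listen(1)
            port = srv.getsockname()[1]
            with socket.socket(family, socket.SOCK_STREAM) as cli:
                cli.settimeout(timeout)
                cli.connect((dest_addr, port))
                conn, peer = srv.accept()
                with conn:
                    # getsockname() on the accepted socket is the address the
                    # kernel substituted for the unspecified destination.
                    return conn.getsockname()[0], peer[0]
    except OSError:                            # refused, unreachable, timeout, no IPv6
        return None

# Constructed test matrix: wildcard and loopback-only listeners, both families.
CASES = [
    ("0.0.0.0",   "0.0.0.0", socket.AF_INET),
    ("127.0.0.1", "0.0.0.0", socket.AF_INET),
    ("::",        "::",      socket.AF_INET6),
    ("::1",       "::",      socket.AF_INET6),
]

def survey():
    """Run every case and map (listen address, connect address) to the result."""
    return {(b, d): probe(b, d, fam) for b, d, fam in CASES}

if __name__ == "__main__":
    for (bind_addr, dest_addr), result in survey().items():
        if result is None:
            print(f"listen {bind_addr:<10} connect {dest_addr:<8} -> failed")
        else:
            print(f"listen {bind_addr:<10} connect {dest_addr:<8} "
                  f"-> dst {result[0]}, src {result[1]}")
```

To test the case of a listener restricted to a non-loopback local address, add a row to CASES with one of the host's own interface addresses as the listen address.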

