Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

nixos/kresd: Listen on IPv4 wildcard, too #101043

Closed
wants to merge 1 commit into from
Closed

Conversation

@fooker
Copy link
Contributor

@fooker fooker commented Oct 19, 2020

If only a port is specified in listen{Plain,TLS,DoH} option, kresd will now listen on IPv4 and IPv6 wildcard.

Motivation for this change

As specified here (https://github.com/CZ-NIC/knot-resolver/blob/d5fc45b3ac2aec9aba82c9b4868dc52a4ccbf026/daemon/io.c#L137) kresd 5.x will listen to IPv6 only, if a IPv6 address is specified in the net.listen directive.

Listening on IPv6 wildcard and IPv4 localhost looks like a mistake to me.
In addition, the current behavior tries to mimic the syntax of systemd.socket(5) ListenStream directive.
While the default for a port-only configuration depends on /proc/sys/net/ipv6/bindv6only, assuming this to be false seem fair to me.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
If only a port is specified in listen{Plain,TLS,DoH} option, kresd
will now listen on IPv4 and IPv6 wildcard.
@fooker fooker closed this Jan 30, 2021
@fooker fooker deleted the kresd-wildcard branch Jan 30, 2021
vcunat added a commit that referenced this issue Mar 28, 2021
This makes sense to me.  I can't see any reference (incl. PR #78628)
why that commit of mine (ae74a0e) used 127.0.0.1 instead of 0.0.0.0
@vcunat
Copy link
Member

@vcunat vcunat commented Mar 28, 2021

Thank you. Unfortunately I haven't noticed this PR until today, but better late than never.

(Still, I assume I won't backport it to 20.09, in case the change could be an unpleasant surprise to someone.)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants