diff --git a/secondary/common/util.go b/secondary/common/util.go
index b9b060d2f..bf55262f7 100644
--- a/secondary/common/util.go
+++ b/secondary/common/util.go
@@ -40,8 +40,6 @@ const (
 
 var ErrInvalidIndexName = fmt.Errorf("Invalid index name")
 
-var _isIpv6 bool
-
 // ExcludeStrings will exclude strings in `excludes` from `strs`. preserves the
 // order of `strs` in the result.
 func ExcludeStrings(strs []string, excludes []string) []string {
@@ -1150,11 +1148,11 @@ func ComputePercent(a, b int64) int64 {
 }
 
 func SetIpv6(isIpv6 bool) {
-	_isIpv6 = isIpv6
+	security.SetIpv6(isIpv6)
 }
 
 func IsIpv6() bool {
-	return _isIpv6
+	return security.IsIpv6()
 }
 
 func validateAuth(w http.ResponseWriter, r *http.Request) bool {
diff --git a/secondary/indexer/indexer.go b/secondary/indexer/indexer.go
index bf7b50e8b..e718f41bc 100644
--- a/secondary/indexer/indexer.go
+++ b/secondary/indexer/indexer.go
@@ -647,7 +647,7 @@ func (idx *indexer) initHttpServer() error {
 		Handler:      GetHTTPMux(),
 	}
 
-	lsnr, err := net.Listen("tcp", addr)
+	lsnr, err := security.MakeProtocolAwareTCPListener(addr)
 	if err != nil {
 		return fmt.Errorf("Error in creating TCP Listener: %v", err)
 	}
diff --git a/secondary/security/tls.go b/secondary/security/tls.go
index 1beb167a0..4b60026df 100644
--- a/secondary/security/tls.go
+++ b/secondary/security/tls.go
@@ -285,7 +285,7 @@ func MakeAndSecureTCPListener(addr string) (net.Listener, error) {
 		return nil, err
 	}
 
-	tcpListener, err := makeTCPListener(addr)
+	tcpListener, err := MakeProtocolAwareTCPListener(addr)
 	if err != nil {
 		return nil, err
 	}
@@ -317,6 +317,27 @@ func makeTCPListener(addr string) (net.Listener, error) {
 	return tcpListener, nil
 }
 
+//
+// Set up a TCP listener.
+// If the cluster setting dictates ipv6, then listener will bind only on
+// ipv6 addresses. Similarly if the cluster setting dictates ipv4, then
+// the listener will bind only on ipv4 addresses.
+//
+func MakeProtocolAwareTCPListener(addr string) (net.Listener, error) {
+
+	protocol := "tcp4"
+	if IsIpv6() {
+		protocol = "tcp6"
+	}
+
+	tcpListener, err := net.Listen(protocol, addr)
+	if err != nil {
+		return nil, err
+	}
+
+	return tcpListener, nil
+}
+
 //
 // Secure a TCP listener.  If encryption is requird, listener must already
 // setup with SSL port.
@@ -341,7 +362,7 @@ func MakeListener(addr string) (net.Listener, error) {
 		return nil, err
 	}
 
-	listener, err := makeTCPListener(addr)
+	listener, err := MakeProtocolAwareTCPListener(addr)
 	if err != nil {
 		return nil, err
 	}
@@ -726,3 +747,17 @@ func MakeHTTPServer(addr string) (*http.Server, error) {
 
 	return server, nil
 }
+
+//
+// Cluster wide ipv6 setting.
+//
+
+var _isIpv6 bool
+
+func SetIpv6(isIpv6 bool) {
+	_isIpv6 = isIpv6
+}
+
+func IsIpv6() bool {
+	return _isIpv6
+}