Allow :: as a bind address (binds to first public IPv6 address) #1219
Conversation
|
This looks cool. Personally, I don't see any reason not to merge (with tests, though). |
|
Added tests (based on the ipv4 ones) and rebased |
|
Cool, this LGTM. Only question is whether @armon, @ryanuber, or @slackpad have philosophical objections to "first public IPv6" being a supported config when we've only ever offered first available private IP binding for IPv4. I know there are systemic differences between IPv6 and IPv4 that make public IPs more appropriate in IPv6, but this is enough of a difference that I'm not comfortable merging without one of the project owners weighing in. |
|
Ok, also maybe I should rename it to the "first Global Unicast Address" instead of "first public IPv6" address. |
slackpad
added
type/enhancement
|
Hi @42wim wow sorry for the delay on this one! I think we can take this if you can to a rebase and use |
slackpad
removed
the
thinking
|
Ok, I changed it to [::] and rebased |
| if ip.To4() != nil { | ||
| continue | ||
| } | ||
| // do not bind link-local (fe80::/10) / ULA (fc00::/7) / loopback (::1) |
There was a problem hiding this comment.
@42wim I had one other question for you - this will catch the cases you care about - will it knock out any useful addresses? It looks like it's blocking a superset of what you want to avoid.
There was a problem hiding this comment.
@slackpad Those FX::/yy ranges are reserved for specials. Never say never, but the chance that a new global unicast address range will be allocated from that range is very slim.
There was a problem hiding this comment.
I noticed Go's net library had support for a couple of these so I tweaked this a little to be more specific.
There was a problem hiding this comment.
Oh nice! That's much better.
|
Thanks! |
This patch allows "::" to -bind (as the IPv6 counterpart for the IPv4 0.0.0.0)
The behaviour is opposite of the IPv4 though, it will look for the first public accessible IPv6 address to bind to. (instead of the first private accessible address with IPv4).
As IPv6 does not really have private addresses (not including ULA), if you want to use IPv6 you probably want to bind to the Global Unicast Address.
With these modifications, you can run IPv6-only containers with consul without knowing the IPv6 address beforehand. And thus can setup a complete IPv6-only consul environment.
If you're interested in merging this I'll add tests too.
Impacts #725
Fixes #529 if -bind :: is used