FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 04-06-2010, 12:04 PM
Kazuo Oishi
 
Default Default value of net.ipv6.bindv6only should revert to 0

I have send this message to BTS and rejected.

md@Linux.IT (Marco d'Itri) writes:
>> Default value of net.ipv6.bindv6only should revert to 0.
> This has already been discussed on debian-devel and I do not see any new
> arguments here.

I have already read debian-devel archive, but I was not able to
found necessity to change default value of net.ipv6.bindv6only to 1.

Anyone, could you teach me why net.ipv6.bindv6only need to be set
to 1 globally, and why other good programs need to be changed?
I think it should revert.


http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576633
-----------------------------------------------------------
Default value of net.ipv6.bindv6only should revert to 0.

1. RFC 3493 explicitly allows applications to use AF_INET6 socket
to receive IPv4 connection.

2. If some applications want to restrict their use of an AF_INET6
socket to IPv6 communications only, they can use IPV6_V6ONLY.
It is effective even if net.ipv6.bindv6only is 0.
(In addition, RFC 3493 explicitly says IPV6_V6ONLY is turned off
(0) by default.)

3. Default value of net.ipv6.bindv6only is 0 in Linux kernel and
other Linux distributions. We should never introduce such
meaningless incompatibility.


If an application does not work with net.ipv6.bindv6only = 1, it
does not mean that program is broken.

But if an application does not work with net.ipv6.bindv6only = 0,
it's broken as Linux application.
-----------------------------------------------------------

--
Kazuo Oishi


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 87r5msss71.fsf@molech.giraffy.jp">http://lists.debian.org/87r5msss71.fsf@molech.giraffy.jp
 
Old 04-06-2010, 01:31 PM
Stephane Bortzmeyer
 
Default Default value of net.ipv6.bindv6only should revert to 0

On Tue, Apr 06, 2010 at 09:04:18PM +0900,
Kazuo Oishi <oishi@giraffy.jp> wrote
a message of 48 lines which said:

> Anyone, could you teach me why net.ipv6.bindv6only need to be set
> to 1 globally, and why other good programs need to be changed?
> I think it should revert.

I do not claim to have a final opinion on this matter except that, as
a programmer, net.ipv6.bindv6only=0 is clearly simpler, a listening
program has just to open one (IPv6) socket and it is version-agnostic.

The question has recently been discussed in the Go language community:

http://groups.google.com/group/golang-nuts/msg/861dbe3c7f1aae1d
http://code.google.com/p/go/issues/detail?id=679

Go libraries currently fail when net.ipv6.bindv6only=1:

http://code.google.com/p/go/issues/detail?id=685


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100406133140.GA10966@nic.fr">http://lists.debian.org/20100406133140.GA10966@nic.fr
 
Old 04-06-2010, 01:47 PM
Sylvestre Ledru
 
Default Default value of net.ipv6.bindv6only should revert to 0

Le mardi 06 avril 2010 à 21:04 +0900, Kazuo Oishi a écrit :
> I have send this message to BTS and rejected.
>
> md@Linux.IT (Marco d'Itri) writes:
> >> Default value of net.ipv6.bindv6only should revert to 0.
> > This has already been discussed on debian-devel and I do not see any new
> > arguments here.
>
> I have already read debian-devel archive, but I was not able to
> found necessity to change default value of net.ipv6.bindv6only to 1.
>
> Anyone, could you teach me why net.ipv6.bindv6only need to be set
> to 1 globally, and why other good programs need to be changed?
> I think it should revert.
As the new sun-java6 maintainer with an egoistic point of view, I'd like
this too.

I don't see Oracle/Sun fixing this issue soon since the bug has been
open in October 2005 [1] and the latest release of the JDK 6 (update 19)
does not include this fix (it has been released last week) [2].

There is a patch for the OpenJDK but since the official Sun JDK is not
free, I cannot apply it...

Sylvestre
PS: Note that, for now, many people are still using the closed JDK for
various reasons (bugs, performances, etc).
[1] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6342561
[2] http://java.sun.com/javase/6/webnotes/6u19.html



--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1270561675.558.633.camel@korcula.inria.fr">http://lists.debian.org/1270561675.558.633.camel@korcula.inria.fr
 
Old 04-07-2010, 06:20 AM
Vincent Danjean
 
Default Default value of net.ipv6.bindv6only should revert to 0

On 06/04/2010 15:47, Sylvestre Ledru wrote:
> Le mardi 06 avril 2010 à 21:04 +0900, Kazuo Oishi a écrit :
>> I have send this message to BTS and rejected.
>>
>> md@Linux.IT (Marco d'Itri) writes:
>>>> Default value of net.ipv6.bindv6only should revert to 0.
>>> This has already been discussed on debian-devel and I do not see any new
>>> arguments here.
>>
>> I have already read debian-devel archive, but I was not able to
>> found necessity to change default value of net.ipv6.bindv6only to 1.
>>
>> Anyone, could you teach me why net.ipv6.bindv6only need to be set
>> to 1 globally, and why other good programs need to be changed?
>> I think it should revert.

I've no strong opinion about the default value for net.ipv6.bindv6only.
However, I think that any application that breaks if the default value
is 0 or 1 is broken and a bug must be filled..

> As the new sun-java6 maintainer with an egoistic point of view, I'd like
> this too.
>
> I don't see Oracle/Sun fixing this issue soon since the bug has been
> open in October 2005 [1] and the latest release of the JDK 6 (update 19)
> does not include this fix (it has been released last week) [2].
>
> There is a patch for the OpenJDK but since the official Sun JDK is not
> free, I cannot apply it...

...and squeeze should be released with the default value that minimizes
the number of broken behavior (not the number of bugs because whatever
the default value is, if the application depends on a particular default
value, the bug exists)

Some people around me have been hit by this java bug. They do not read
d-d have they would have never found what was broken if they did not
talk with me. This bug is really difficult to diagnose for a simple user.

Regards,
Vincent

> Sylvestre
> PS: Note that, for now, many people are still using the closed JDK for
> various reasons (bugs, performances, etc).
> [1] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6342561
> [2] http://java.sun.com/javase/6/webnotes/6u19.html
>
>
>


--
Vincent Danjean GPG key ID 0x9D025E87 vdanjean@debian.org
GPG key fingerprint: FC95 08A6 854D DB48 4B9A 8A94 0BF7 7867 9D02 5E87
Unofficial packages: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo: deb http://perso.debian.org/~vdanjean/debian unstable main


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4BBC2435.5050106@free.fr">http://lists.debian.org/4BBC2435.5050106@free.fr
 
Old 04-07-2010, 07:14 AM
"Bernhard R. Link"
 
Default Default value of net.ipv6.bindv6only should revert to 0

* Vincent Danjean <vdanjean.ml@free.fr> [100407 08:21]:
> ...and squeeze should be released with the default value that minimizes
> the number of broken behavior (not the number of bugs because whatever
> the default value is, if the application depends on a particular default
> value, the bug exists)

I guess the question is how to count the brokeness. Just because the
setting confuses java (which given how long severe bugs caused by some
terminal ill code in java tend to live, will no change soon, so waiting
for java is not really an option) does not mean that many other programs
do nasty things without it.

I personally would prefer ipv6 to still be a module so it can be
blacklisted or some other way to disable it, but having this option on
by default at least avoids many annoiances in ipv4 world.

Hochachtungsvoll,
Bernhard R. Link


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100407071414.GA21078@pcpool00.mathematik.uni-freiburg.de">http://lists.debian.org/20100407071414.GA21078@pcpool00.mathematik.uni-freiburg.de
 
Old 04-07-2010, 07:22 AM
Ludovico Cavedon
 
Default Default value of net.ipv6.bindv6only should revert to 0

On Tue, Apr 6, 2010 at 11:20 PM, Vincent Danjean <vdanjean.ml@free.fr> wrote:
> ...and squeeze should be released with the default value that minimizes
> the number of broken behavior (not the number of bugs because whatever
> the default value is, if the application depends on a particular default
> value, the bug exists)

I agree.
I remember some arguments like "bindv6only=0 is a linux specific
option, and e.g. does not work with the freebsd kernel", which in
principle makes sense, but if too many applications break, it means we
are not ready for that.

Btw: how many are the affected applications?

> Some people around me have been hit by this java bug. They do not read
> d-d have they would have never found what was broken if they did not
> talk with me. This bug is really difficult to diagnose for a simple user.

Yes, and even reading the d-d, it took me a while to realized the
issues I was having were caused by the change to bindv6only.

About the java-6-sun package: would it be possible to work around that
by LD_PRELOADing a wrapper to socket/bind/setsockopt which set
BINDv6ONLY to 0 for IP sockets?

Cheers,
Ludovico


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: u2j7337540c1004070022p9580e96fy548693676d73cb5@mai l.gmail.com">http://lists.debian.org/u2j7337540c1004070022p9580e96fy548693676d73cb5@mai l.gmail.com
 
Old 04-07-2010, 08:04 AM
Kazuo Oishi
 
Default Default value of net.ipv6.bindv6only should revert to 0

Vincent Danjean <vdanjean.ml@free.fr> writes:
>>> Anyone, could you teach me why net.ipv6.bindv6only need to be set
>>> to 1 globally, and why other good programs need to be changed?
>>> I think it should revert.
>
> I've no strong opinion about the default value for net.ipv6.bindv6only.
> However, I think that any application that breaks if the default value
> is 0 or 1 is broken and a bug must be filled..

I think that an application which depends on net.ipv6.bindv6only=1 is
broken (at least as Linux application).

And I think that an application which depends on bindv6only=0 might have
a problem on portability and it might be a bug, but it should work with
Debian as ever. Setting bindv6only=1 and breaking these programs,
including outside of Debian packages, would not be a good choice.

--
Kazuo Oishi


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 87sk77r8lx.fsf@molech.giraffy.jp">http://lists.debian.org/87sk77r8lx.fsf@molech.giraffy.jp
 
Old 04-07-2010, 09:04 AM
Adam Borowski
 
Default Default value of net.ipv6.bindv6only should revert to 0

On Wed, Apr 07, 2010 at 12:22:26AM -0700, Ludovico Cavedon wrote:
> On Tue, Apr 6, 2010 at 11:20 PM, Vincent Danjean <vdanjean.ml@free.fr> wrote:
> > ...and squeeze should be released with the default value that minimizes
> > the number of broken behavior

That is, whatever is consistent with the standards, ie, bindb6only=0.

> I agree.
> I remember some arguments like "bindv6only=0 is a linux specific
> option, and e.g. does not work with the freebsd kernel", which in
> principle makes sense, but if too many applications break, it means we
> are not ready for that.

bindv6only=1 is a freebsd-only bug.

It was introduced in an attempt to secure misguided cases where people
blacklist some address ranges instead of whitelisting.

> > Some people around me have been hit by this java bug. They do not read
> > d-d have they would have never found what was broken if they did not
> > talk with me. This bug is really difficult to diagnose for a simple user.
>
> About the java-6-sun package: would it be possible to work around that
> by LD_PRELOADing a wrapper to socket/bind/setsockopt which set
> BINDv6ONLY to 0 for IP sockets?

It is not a bug to rely on the behaviour the RFCs specify, especially that
you need to do some work to work around the BSD limitation.

--
1KB // Microsoft corollary to Hanlon's razor:
// Never attribute to stupidity what can be
// adequately explained by malice.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100407090447.GA11384@angband.pl">http://lists.debian.org/20100407090447.GA11384@angband.pl
 
Old 04-07-2010, 09:08 AM
Stanislav Maslovski
 
Default Default value of net.ipv6.bindv6only should revert to 0

On Wed, Apr 07, 2010 at 05:04:58PM +0900, Kazuo Oishi wrote:
> Vincent Danjean <vdanjean.ml@free.fr> writes:
> >>> Anyone, could you teach me why net.ipv6.bindv6only need to be set
> >>> to 1 globally, and why other good programs need to be changed?
> >>> I think it should revert.
> >
> > I've no strong opinion about the default value for net.ipv6.bindv6only.
> > However, I think that any application that breaks if the default value
> > is 0 or 1 is broken and a bug must be filled..
>
> I think that an application which depends on net.ipv6.bindv6only=1 is
> broken (at least as Linux application).

I am not sure that there are such applications. Can you give us an
example?

> And I think that an application which depends on bindv6only=0 might have
> a problem on portability and it might be a bug, but it should work with
> Debian as ever. Setting bindv6only=1 and breaking these programs,
> including outside of Debian packages, would not be a good choice.

Well, nothing forbids you from changing that option on your own
system, if you really need it.

BTW, a related question to everyone: from reading /etc/init.d./procps
I see that files in /etc/sysctl.d/ take a precedence over
/etc/sysctl.conf. Should not it be the other way around?

--
Stanislav


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100407090837.GA13712@kaiba.homelan">http://lists.debian.org/20100407090837.GA13712@kaiba.homelan
 
Old 04-07-2010, 10:59 AM
Kazuo Oishi
 
Default Default value of net.ipv6.bindv6only should revert to 0

Stanislav Maslovski <stanislav.maslovski@gmail.com> writes:
>> I think that an application which depends on net.ipv6.bindv6only=1 is
>> broken (at least as Linux application).
>
> I am not sure that there are such applications. Can you give us an
> example?

Sorry, I don't know whether such applications really exist.

I just expect that this default value change of net.ipv6.bindv6only
from 0 to 1 (introduced from netbase 4.38) would cause that.
I cannot imagine other reason to change this default value.


>> And I think that an application which depends on bindv6only=0 might have
>> a problem on portability and it might be a bug, but it should work with
>> Debian as ever. Setting bindv6only=1 and breaking these programs,
>> including outside of Debian packages, would not be a good choice.
>
> Well, nothing forbids you from changing that option on your own
> system, if you really need it.

Yes. But if any core applications were depend on
bindv6only=1, we can not change it's value to 0 any more.

So I wish that default value of net.ipv6.bindv6only revert to 0.

--
Kazuo Oishi


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 87bpdvr0je.fsf@molech.giraffy.jp">http://lists.debian.org/87bpdvr0je.fsf@molech.giraffy.jp
 

Thread Tools




All times are GMT. The time now is 11:06 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org