[Pdns-users] IPv4 and IPv6 sockets at the same time
Marten Lehmann
lehmann at cnm.de
Thu Jul 21 15:12:25 UTC 2011
Hello,
> This might be a variant of http://wiki.powerdns.com/trac/ticket/209
> Could you open a new bug and reference 209 in the description?
no, I've found the problem:
Line 123 in pdns_recursor.cc defines the default allow-from rules:
#define LOCAL_NETS "127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16,
172.16.0.0/12, ::1/128, fe80::/10"
So as long as I'm not defining my own allow-from rules the defaults are
used, which work fine for IPv4 and IPv6 in local nets.
But as my goal was to have the recursor listen on a public IPv4 address
(e.g. 71.72.73.74) as well as on a local IPv6 address (::1) my
allow-from rule 0.0.0.0/0 was not sufficient, since it granted IPv4
access from everywhere but at the same time replaced the default rules
thus removing the permissions to answer to local IPv6 requests.
So the correct rule in my situation would be:
allow-from=::1/128,0.0.0.0/0
or
allow-from=::0/0,0.0.0.0/0
if I'd like to grant access through IPv6 from everywhere.
Could you please add such IPv6 examples in the documentation at
http://doc.powerdns.com/built-in-recursor.html? I guess it would be
helpful for others experimenting with IPv6. Thanks.
Kind regards
Marten
More information about the Pdns-users
mailing list