My first IPv6 problem!

| | Comments (0) | TrackBacks (0)

Readers of this blog will know that I claim that IPv6 adoption isn't as painful as some make it out to be. Well, after using IPv6 for several years, I've encountered my first real issue.

Yesterday, I was testing the builtin Kerberos library for v6 support on an AIX 5.3 machine. Since I was using the machine anyway, I decided to assign it a static IPv6 address, rather than using auto-configuration. A colleague in ET is the primary admin for the machine. He installed TCPwrappers on the box, but didn't use the IPv6-capable version.

So, now, I can't ssh into it over v6. But since there's an AAAA record for it, my ssh clients try to connect over IPv6 first. TCPWrappers immediately denies the connection, so there's about 3.7 microseconds of additional latency to establish the session (I happen to be only one hop from the box).

For the moment, I've fixed the problem by putting the following into my ~/.ssh/config:

Host foo.et-test.psu.edu
  AddressFamily inet

This forces OpenSSH only to use IPv4 for host foo.et-test.psu.edu.

I'm off to compile the IPv6-capable version of TCP Wrappers. Since I've never built anything on AIX, this should be fun.

0 TrackBacks

Listed below are links to blogs that reference this entry: My first IPv6 problem!.

TrackBack URL for this entry: https://blogs.psu.edu/mt4/mt-tb.cgi/627

Leave a comment