Re: strange problem with ip6

Hi,

On Thu, 17 May 2007, Andrew Sullivan wrote:

> On Thu, May 17, 2007 at 07:29:47PM +0200, Christian Kratzer wrote:
>> supporting scoped addresses could have their uses but then again
>> theres nothing stopping you to bind multiple global ipv6 addresses
>> to your loopback interface which would work fine for disconnected
>> setups and it might be a bit cleaner.
>
> True, but there's no unscoped private-use address space in IPv6 the
> way there is in v4 (i.e. no 1918-style addresses for v6). Which
> means that unless you want to use addresses that ought to be
> scoped (like link-local) without a scope, you have to use real
> addresses instead. Hmm. Well, I guess you could use 2001:DB8::/32,
> which is reserved for documentation. I'm just worried that, because
> we don't support scoped addresses, people are going to configure
> things with _real_ addresses they haven't been allocated, and then
> accidentally connect such a configuration to the Internet. All my
> experience tells me that such things eventually always leak, and I'd
> hate for Postgres to be the source of that sort of damage.

thats what I also thought. Using link local addresses for real
applications is propably not quite what I would call "best practice"
but it will happen when people just turn on ipv6 and check what their
shiny new address looks like.

It's not that simple though. The ipv6 stack will propably not allow
users to build sockets from addresses in link local scope from a
specific interface to a server bound to a global address, ::1, or
scoped to any other interface. After all link local means exactly
this.

So if you have your postgres listening on ::1 you will not be
able to connect from your fe80::dead:beef%fxp0 address.

All in all it seems to me its best to leave everything as it is.

Greetings
Christian

>
> A
>
> --
> Andrew Sullivan | ajs(at)crankycanuck(dot)ca
> The whole tendency of modern prose is away from concreteness.
> --George Orwell
>
> ---------------------------(end of broadcast)---------------------------
> TIP 7: You can help support the PostgreSQL project by donating at
>
> http://www.postgresql.org/about/donate
>
>

--
Christian Kratzer CK Software GmbH
Email: ck(at)cksoft(dot)de Schwarzwaldstr. 31
Phone: +49 7452 889 135 D-71131 Jettingen
Fax: +49 7452 889 136 HRB 245288, Amtsgericht Stuttgart
Web: http://www.cksoft.de/ Geschaeftsfuehrer: Christian Kratzer