sendmail vs ipv6 broken after upgrade to 9.1

Hajimu UMEMOTO ume at FreeBSD.org
Wed Jan 9 17:07:20 UTC 2013 

Hi,

>>>>> On Wed, 9 Jan 2013 16:29:00 +0000
>>>>> Ben Morrow <ben at morrow.me.uk> said:

ben> Where does it say that? All I can find (but I might be being stupid) is
ben> the bit in the description of AI_ALL where it says 'A query is first
ben> made for AAAA records and if successful, the IPv6 addresses are
ben> returned. Another query is then made for A records and any found are
ben> returned as IPv4-mapped IPv6 addresses.'. I don't believe that is meant
ben> to indicate the AAAA results are returned first in the list, just that
ben> both sets of results are included.

It is the sentence you mentioned.  It was not thought those days that
a query order and an order of the value to return were another.  So, I
think that it implies the order of the value to return.

ben> Also, RFC 6724 (which is more recent), says 'we intend that
ben> implementations of APIs such as getaddrinfo() will use the destination
ben> address selection algorithm specified here to sort the list of IPv6 and
ben> IPv4 addresses that they return.'. AFAICS 'APIs such as getaddrinfo()'
ben> is supposed to include getipnodebyname and gethostbyname2, and the whole
ben> list of v4 and v6 addresses is supposed to be sorted by those rules.

I thought so at the time when I implemented it.  However,
getipnodebyname has IPv4-mapped addresses issue as compared with
getaddrinfo.
Since gethostbyname2 doesn't treat multiple families at once, it is
out of scope, IMHO.  gethostbyname2 in FreeBSD doesn't obey
ip6addrctl.

ben> However, given that FreeBSD disables the use of v4-mapped addresses on
ben> AF_INET6 sockets by default, it might be sensible to change the rules a
ben> little. An application making an AF_INET6 query is probably going to use
ben> the result with an AF_INET6 socket, so a v4-mapped address is going to
ben> be mostly useless.

There is IPV6_V6ONLY socket option.  Still, an application has two
choices:
- convert IPv4-mapped address to IPv4 address, or
- issue IPV6_V6ONLY socket option.
In anyway, I think it is important that an application conscious of
using the IPv4-mapped address.

> I've just committed to disable it:
> 
> http://svnweb.freebsd.org/base?view=revision&revision=245225

ben> I don't think that's the right answer. Even if the code should be
ben> changed to always return addresses from A records last, the IPv6
ben> addresses from AAAA records should still be sorted according to
ben> ip6addrctl. Otherwise sites with multiple prefixes (say, a ULA prefix
ben> and a global prefix) won't be able to control their use properly.

getipnodebyname was deprecated by RFC 3493 and appropriate time has
passed since then.  So, it is low-priority, IMHO.

Sincerely,

--
Hajimu UMEMOTO
ume at mahoroba.org  ume@{,jp.}FreeBSD.org
http://www.mahoroba.org/~ume/

More information about the freebsd-stable mailing list