[Fedora-directory-devel] IPv6 testing: listenhost
Noriko Hosoi
nhosoi at redhat.com
Fri Sep 15 22:41:23 UTC 2006
Hi Ulf! Thanks for your comments.
Fedora DS 1.0.2 should work fine for the basic cases. We need some
cleanup, though.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206724
But even without the change, the server already handles the IPv6 request
correctly. On the other hand, new LDAP C SDK is MUST. We updated the
prldap_connection code to use the IPv6 friendly functions (e.g.,
PR_GetAddrInfoByName). If you are interested in, please take a look at
this bug. You're going to see my struggles... :)
https://bugzilla.mozilla.org/show_bug.cgi?id=328791
--noriko
Ulf Weltman wrote:
> Hello Noriko. This is great news about IPv6!
> About the binding, it sounds correct but I imagine a sysadmin would
> find it inconvenient, wanting to be able to listen on a single
> physical interface in a multihomed system but have both IP and IPv6
> available. I guess they could bind LDAP to one and LDAPS to the other
> in a pinch. :)
>
> To try IPv6, do we need a DS build from the tip or just a new SDK?
>
> Ulf
>
> Noriko Hosoi wrote:
>
>> Hello,
>>
>> I'm testing listenhost using IPv6 address now.
>> I put this configuration attribute in cn=config.
>>
>> nsslapd-listenhost: fe80::208:74ff:fe18:fcd5%eth0
>>
>> And accessed the server using the IPv6 address as well as its IPv4
>> address. Here's the result:
>>
>> $ ./ldapsearch -h [fe80::208:74ff:fe38:fcd5] -p 12345 -b
>> "dc=example,dc=com" "(objectclass=*)" dn
>> dn: dc=example,dc=com
>>
>> $ ./ldapsearch -h 172.16.15.156 -p 12345 -b "dc=example,dc=com"
>> "(objectclass=*)" dn
>> ldap_simple_bind: Can't connect to the LDAP server - Connection
>> refused
>>
>> I think this is the expected behavior, but I'd like to have your
>> thoughts.
>> Please note that if there is no nsslapd-listenhost specified, the
>> both command lines return the same result "dn: dc=example,dc=com".
>> Also, to someone who is curious, to run the same test, you need a new
>> version of LDAP C SDK, which hasn't been released yet...
>>
>> Thanks,
>> --noriko
>>
>>------------------------------------------------------------------------
>>
>>--
>>Fedora-directory-devel mailing list
>>Fedora-directory-devel at redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>>
>>
>------------------------------------------------------------------------
>
>--
>Fedora-directory-devel mailing list
>Fedora-directory-devel at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3170 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20060915/5fc74865/attachment.bin>
More information about the Fedora-directory-devel
mailing list