Project

General

Profile

Actions

IPv6-Config » History » Revision 1

Revision 1/12 | Next »
stbuehler, 2010-08-07 15:01


IPv6-Config

Listening to "real" IPv6 addresses

Examples:

  • server.bind = "[::1]"
  • $SERVER["socket"] == "[::1]:80" { ... }

You are fine with these - they only listen to IPv6 in any case.

Listening to not specified addresses

Examples:
  • not setting server.bind at all, but using server.use-ipv6 = "enable" in the global context
  • $SERVER["socket"] == ":80" { server.use-ipv6 = "enable" ... }

These configs listen on the IPv6 "any" address; depending on your system this may also accept IPv4 connections (default under linux unless your distribution disabled it; check sysctl net.ipv6.bindv6only).
So such configs may break any time if the kernel default changes.

Listening to [::]

If you use 1.4.27+ or have sysctl net.ipv6.bindv6only = 1, this will listen on IPv6 only, otherwise on IPv6 and IPv4:

Examples:
  • server.bind = "[::]"
  • $SERVER["socket"] == "[::]:80" { ... }

Recommended IPv6 setup

This works since 1.4.27 or sysctl net.ipv6.bindv6only = 1

# listen to ipv4
server.bind = "0.0.0.0" 
server.port = "80" 

# listen to ipv6
$SERVER["socket"] == "[::]:80" {  }

# if you need ssl
$SERVER["socket"] == "0.0.0.0:44" { <here your ssl options> }
$SERVER["socket"] == "[::]:443" { <here your ssl options again> }

Changes in 1.4.27

Since 1.4.27 lighttpd will set the "V6_ONLY" option for ipv6 sockets that were not empty hostname; i.e. these two will still use the system default for V6_ONLY as before:
  • server.bind = ""; server.use-ipv6 = "enable"
  • $SERVER["socket"] = ":443" { server.use-ipv6 = "enable" }
But for these cases lighttpd will only listen to IPv6 since 1.4.27 (or if sysctl net.ipv6.bindv6only is 1):
  • server.bind = "[::]"
  • server.bind = "localhost"; server.use-ipv6 = "enable"
  • $SERVER["socket"] = "[::]:443" { }
  • $SERVER["socket"] = "localhost:443" { server.use-ipv6 = "enable" }

You can restore the old behaviour if you set server.set-v6only = "disable" in the associated block. Use of this option is not recommended as long-term solution, as we will probably remove it again after some versions.

Updated by stbuehler over 14 years ago · 12 revisions