IPV6_RECVPKTINFO not working for IPv4-mapped addresses on Linux?
Hannes Frederic Sowa
hannes at stressinduktion.org
Mon Jan 20 23:13:23 CET 2014
On Mon, Jan 20, 2014 at 05:15:24PM +0000, Nick Hilliard wrote:
> On 20/01/2014 17:12, Simon Perreault wrote:
> > IIRC, recent versions of Bind open a socket per address on IPv4
>
> this feature was one of the main reasons I stopped using BIND. It has the
> side effect that you cannot necessarily set it up on a system which shares
> IP addresses using e.g. VRRP, because you cannot be guaranteed that the
> system will have the virtual IP address configured at the time that BIND
> starts. Frustrating.
That has a reason:
After Kaminsky attacks people looked how they can get more entropy into
dns requests and one thing is to spread the dns requests over each address
family's possible IPs each with an randomized ports. It's not only bind
which behaves like that, IIRC unbound does this too.
Greetings,
Hannes
More information about the ipv6-ops
mailing list