[RADIATOR] Radius::HTTPClient force IPv6?

C R publist.cr at gmail.com
Mon Jan 10 20:47:16 UTC 2022


HI Heikki,

It didn't go, but I gave it a good try :).

It looks like LocalAddress is set *after* the HTTPClient does the resolving:

2022-01-10T21:29:22+01:00: 00000000: Server started: Radiator 4.25 on
708ad38e7a11
2022-01-10T21:29:22+01:00: 00000000: Initialised SSL library:
Net::SSLeay 1.88, OpenSSL 1.1.1f  31 Mar 2020
2022-01-10T21:29:22+01:00: 00000000: Radius::HTTPClientConnection
setting TLS protocols to: TLSv1.2
2022-01-10T21:29:22+01:00: 00000000: Radius::HTTPClientConnection
$myhost-443  setting TLS_Ciphers to: DEFAULT:!EXPORT:!LOW
2022-01-10T21:29:22+01:00: 00000000: Stream attempting tcp connection
to $myhost ($ipv4_address port 443)
2022-01-10T21:29:22+01:00: 00000000: Stream attempting to use local
port 0, local address $ipv6_address
2022-01-10T21:29:22+01:00: 00000000: Stream: Could not bind to local
port 0 and address $ipv6_address: Address family not supported by
protocol

(Adding a non-zerocal LocalPort did not change the result.)

I resolved the local IP but putting code that injects a GlobalVar in a
BEGIN block of a library loaded by a StartupHook (which makes the var
available before the GlobalVar is used in the Authby REST block).

So besides forking the HTTPClient (with the risk of breaking other
stuff), I don't think there is much it can be done from within
Radiator configuration and hooks. If you get around to add a protocol
family hint in a future release, it would be greatly appreciated.

C.

Le lun. 10 janv. 2022 à 15:24, Heikki Vatiainen <hvn at open.com.au> a écrit :
>
> On 10.1.2022 15.11, C R wrote:
>
> >> If you prefix the name with 'ipv6:', it could do the trick.
> >
> > I will check this, but ipv6:https://$myservice/v1/foo looks a little
> > weird with the protocol part. (I need to work with DNS names because
> > the IP are dynamic being containers as well.)
>
> You're correct, that's not going to work. I was thinking of cases where
> the name is a single parameter.
>
> >> One other option might be to inject just the v6 address in the local
> >> /etc/hosts. I haven't tried it with a container, but it could also be
> >> one way to force IPv6.
> >
> > Related to the use of DNS names and dynamic IPs, I don't think this is
> > an option.
>
> Then I'm not completely sure yet how to handle this. A way to hint IPv6
> or IPv4 might be useful if names are used but all address types returned
> by DNS are not usable.
>
> > I'll post my results here.
>
> Please let us know how it goes, or doesn't.
>
> Thanks,
> Heikki
>
>
> --
> Heikki Vatiainen
> OSC, makers of Radiator
> Visit radiatorsoftware.com for Radiator AAA server software
> _______________________________________________
> radiator mailing list
> radiator at lists.open.com.au
> https://lists.open.com.au/mailman/listinfo/radiator


More information about the radiator mailing list