match-mapped-addresses 9.2.3

Andreas Sundstrom sunkan_nospam_ at _nospam_zappa.cx
Wed Dec 3 19:40:16 UTC 2003


I would like to understand exactly what the match-mapped-addresses 
option does.

I use Linux with IPv4 and IPv6 and I normally use these options:
         listen-on { none; };
         listen-on-v6 { any; };

with them I don't get any error messages in the syslog and everything 
seems to work as usual.

However I recently noted that the server master notices were ignored, so 
I used "rndc trace 3" to find out what happened and it was ofcourse the 
IPv4inIPv6 addressing scheme that was to blame. The server ignored the 
notify because the address was ::ffff:192.168.1.2 and not 192.168.1.2

I first got the notifies to work with the
allow-notify { ::ffff:192.168.1.2; };
statement.

Then I started searching a bit more for information and I learned that 
the option "match-mapped-addresses yes" was available to help with this 
problem.

First it worked as expected, allow-notify { 192.168.1.2; }; now got the 
notifies to work. What I didn't think was that when I then removed the 
allow-notify option it didn't work anymore, even if the masters server 
had the same IP. What I mean is that the zone below don't accept 
notifies from 192.168.1.2 when listening through the IPv6 socket and 
with match-mapped-addresses set to yes, it only works if the second 
comment is removed and an allow-notify is specified.

I thought that the server normally checks the notifier agains what the 
masters IP's are.

Have I made configuration mistakes or do I not understand how it works?
I would love to see some examples of how to get a decent working system 
with the IPv6 stack in Linux today. For example is "listen-on { none; 
};" recommended in this scenario?


zone "ws.se" in {
         type slave;
         masters { 192.168.1.2; };
//      allow-notify { ::ffff:192.168.1.2; };
//      allow-notify { 192.168.1.2; };
         file "slave/ws.se.hosts";
};

I hope I explained things good enough, thanks for any help/comments

/Andreas Sundstrom



More information about the bind-users mailing list