[squid-users] Problem with IPv6 config when destination is dual-stacked (but everything works when destination is IPv4 or IPv6 only)

From: Moser, Stefan \(SIDB\) <stefan.moser_at_siemens.com>
Date: Thu, 29 Oct 2009 16:37:03 +0100

Hi,

we are testing with squid, latest beta, in a dual-stack configuration:

squid is running on SLES 11. Server has 1 interface card only, configured with an IPv4 and IPv6 address, both running on standard 3128 port. Server has true, native IPv4 and IPv6 internet connectivity (no IPv6 tunnel broker, etc.). I have applied "IPv6 magic ACLs" as described in http://www.squid-cache.org/Doc/config/tcp_outgoing_address. Client (latest Internet Explorer and Firefox) talks to squid via IPv4 and IPv6 transport (that means, I enter an IPv4- or IPv6- address in browser´s connection settings).

Now, what DOES work, is the following:

1. IPv4 transport from browser to squid, squid can access an IPv4 only internet site (site has an A record only in DNS)
2. IPv4 transport from browser to squid, squid accesses an IPv6 only internet site (site has an AAAA record only in DNS)
3. IPv6 transport from browser to squid, squid accesses an IPv4 only internet site (site has an A record only in DNS)
4. IPv6 transport from browser to squid, squid accesses an IPv6 only internet site (site has an AAAA record only in DNS)

So far, so good, this IPv4 / IPv6 bridging obviously works.

Now, what does NOT work, is:

1. IPv4 transport from browser to squid, squid CANNOT access an IPv4/IPv6 internet site (that means, a site that has both A and AAAA in DNS and that is reachable via IPv6 and IPv4)
2. IPv6 transport from browser to squid, squid CANNOT access an IPv4/IPv6 internet site (that means, a site that has both A and AAAA in DNS and that is reachable via IPv6 and IPv4)

The cache log says (true IPv4 address removed for privacy reasons):

2009/10/28 15:59:46| commBind: Cannot bind socket FD 10 to <IPv4 address from my providers range>: (22) Invalid argument
2009/10/28 15:59:46| WARNING: Reset of FD 10 for <IPv4 address from my providers range>:failed to bind: (22) Invalid argument

Has everybody encountered the same problem?

With best regards,
Stefan Moser
Received on Thu Oct 29 2009 - 15:37:08 MDT

This archive was generated by hypermail 2.2.0 : Fri Oct 30 2009 - 12:00:03 MDT