[squid-users] Re: Re: Re: Re: commBind: Cannot bind socket

From: Markus Moeller <huaraz_at_moeller.plus.com>
Date: Sat, 14 Apr 2012 12:39:24 +0100

Hi Amos,

  I think there is a difference between bind to any IPv6 address and to an
interface IPv6 address. Sysctl disables IPv6 for interfaces doesn't it ?
For an any address there is no interface assigned so I would expect the
below to be fine even if IPv6 was disabled on all interfaces.

tcp 0 0 :::3128 :::* LISTEN
tcp 0 0 :::445 :::* LISTEN
tcp 0 0 :::139 :::* LISTEN

but any other IPv6 address will fail (e.g. ::1)

Markus

"Amos Jeffries" <squid3_at_treenet.co.nz> wrote in message
news:4F841B87.3040704_at_treenet.co.nz...
> On 10/04/2012 10:21 p.m., Markus Moeller wrote:
>> Hi Amos,
>>
>> These are my system settings:
>>
>> /etc/sysctl.conf
>> net.ipv6.conf.all.disable_ipv6 = 1
>>
>
> Okay, that should be enough.
> networking restarted after changing that?
>
>> ifconfig -a
>> eth0 Link encap:Ethernet HWaddr 00:0C:29:16:1F:37
>> inet addr:192.168.1.29 Bcast:192.168.1.255 Mask:255.255.255.0
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:47856 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:43117 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:5528524 (5.2 Mb) TX bytes:3213092 (3.0 Mb)
>>
>> lo Link encap:Local Loopback
>> inet addr:127.0.0.1 Mask:255.0.0.0
>> UP LOOPBACK RUNNING MTU:16436 Metric:1
>> RX packets:183 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:183 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:0
>> RX bytes:11503 (11.2 Kb) TX bytes:11503 (11.2 Kb)
>>
>
> Good, I think.
>
>>
>> and the log if I do not use ipv4 for the external helper:
>>
>>
>> 2012/04/10 11:17:07| Starting Squid Cache version 3.1.16 for
>> x86_64-suse-linux-gnu...
>> 2012/04/10 11:17:07| Process ID 17834
>> 2012/04/10 11:17:07| With 4096 file descriptors available
>> 2012/04/10 11:17:07| Initializing IP Cache...
>> 2012/04/10 11:17:07| DNS Socket created at [::], FD 8
>
> ?? successful IPv6 socket creation.
>
>> 2012/04/10 11:17:07| DNS Socket created at 0.0.0.0, FD 9
>> 2012/04/10 11:17:07| Adding domain suse.home from /etc/resolv.conf
>> 2012/04/10 11:17:07| Adding domain windows.home from /etc/resolv.conf
>> 2012/04/10 11:17:07| Adding nameserver 192.168.1.8 from /etc/resolv.conf
>> 2012/04/10 11:17:07| Adding nameserver 192.168.1.1 from /etc/resolv.conf
>> 2012/04/10 11:17:07| helperOpenServers: Starting 20/20
>> 'negotiate_wrapper_auth' processes
>> 2012/04/10 11:17:08| helperOpenServers: Starting 20/20 'ntlm_auth'
>> processes
>> 2012/04/10 11:17:08| helperOpenServers: Starting 5/5
>> 'ext_kerberos_ldap_group_acl' processes
>> 2012/04/10 11:17:08| commBind: Cannot bind socket FD 90 to [::1]: (99)
>> Cannot assign requested address
>> 2012/04/10 11:17:08| commBind: Cannot bind socket FD 91 to [::1]: (99)
>> Cannot assign requested address
>
> ?? but bind() fails when an opened IPv6 socket is used.
>
> ...
>> 2012/04/10 11:17:08| WARNING: Cannot run
>> '/opt/squid-3.2/lib/ext_kerberos_ldap_group_acl' process.
>> 2012/04/10 11:17:08| User-Agent logging is disabled.
>> 2012/04/10 11:17:08| Referer logging is disabled.
>> 2012/04/10 11:17:08| Unlinkd pipe opened on FD 104
>> 2012/04/10 11:17:08| Local cache digest enabled; rebuild/rewrite every
>> 3600/3600 sec
>> 2012/04/10 11:17:08| Store logging disabled
>> 2012/04/10 11:17:08| Swap maxSize 0 + 262144 KB, estimated 20164 objects
>> 2012/04/10 11:17:08| Target number of buckets: 1008
>> 2012/04/10 11:17:08| Using 8192 Store buckets
>> 2012/04/10 11:17:08| Max Mem size: 262144 KB
>> 2012/04/10 11:17:08| Max Swap size: 0 KB
>> 2012/04/10 11:17:08| Using Least Load store dir selection
>> 2012/04/10 11:17:08| Set Current Directory to /var/cache/squid
>> 2012/04/10 11:17:09| Loaded Icons.
>> 2012/04/10 11:17:09| Accepting HTTP connections at [::]:3128, FD 105.
>
> ?? and more successulf IPv6 socket() and listen() calls.
>
>> 2012/04/10 11:17:09| HTCP Disabled.
>> 2012/04/10 11:17:09| Squid plugin modules loaded: 0
>> 2012/04/10 11:17:09| Adaptation support is off.
>> 2012/04/10 11:17:09| Ready to serve requests.
>>
>>
>> With ipv4 as helper option it works:
>>
>>
>> 2012/04/09 19:14:24| Starting Squid Cache version 3.1.16 for
>> x86_64-suse-linux-gnu...
>> 2012/04/09 19:14:24| Process ID 15049
>> 2012/04/09 19:14:24| With 4096 file descriptors available
>> 2012/04/09 19:14:24| Initializing IP Cache...
>> 2012/04/09 19:14:24| DNS Socket created at [::], FD 8
>> 2012/04/09 19:14:24| DNS Socket created at 0.0.0.0, FD 9
>> 2012/04/09 19:14:24| Adding domain suse.home from /etc/resolv.conf
>> 2012/04/09 19:14:24| Adding domain windows.home from /etc/resolv.conf
>> 2012/04/09 19:14:24| Adding nameserver 192.168.1.8 from /etc/resolv.conf
>> 2012/04/09 19:14:24| Adding nameserver 192.168.1.1 from /etc/resolv.conf
>> 2012/04/09 19:14:24| helperOpenServers: Starting 20/20
>> 'negotiate_wrapper_auth' processes
>> 2012/04/09 19:14:24| helperOpenServers: Starting 20/20 'ntlm_auth'
>> processes
>> 2012/04/09 19:14:25| helperOpenServers: Starting 5/5
>> 'ext_kerberos_ldap_group_acl' processes
>> 2012/04/09 19:14:25| User-Agent logging is disabled.
>> 2012/04/09 19:14:25| Referer logging is disabled.
>> 2012/04/09 19:14:25| Unlinkd pipe opened on FD 104
>> 2012/04/09 19:14:25| Local cache digest enabled; rebuild/rewrite every
>> 3600/3600 sec
>> 2012/04/09 19:14:25| Store logging disabled
>> 2012/04/09 19:14:25| Swap maxSize 0 + 262144 KB, estimated 20164 objects
>> 2012/04/09 19:14:25| Target number of buckets: 1008
>> 2012/04/09 19:14:25| Using 8192 Store buckets
>> 2012/04/09 19:14:25| Max Mem size: 262144 KB
>> 2012/04/09 19:14:25| Max Swap size: 0 KB
>> 2012/04/09 19:14:25| Using Least Load store dir selection
>> 2012/04/09 19:14:25| Set Current Directory to /var/cache/squid
>> 2012/04/09 19:14:25| Loaded Icons.
>> 2012/04/09 19:14:25| Accepting HTTP connections at [::]:3128, FD 105.
>> 2012/04/09 19:14:25| HTCP Disabled.
>> 2012/04/09 19:14:25| Squid plugin modules loaded: 0
>> 2012/04/09 19:14:25| Adaptation support is off.
>> 2012/04/09 19:14:25| Ready to serve requests.
>>
>>
>> netstat -an
>> Active Internet connections (servers and established)
>> Proto Recv-Q Send-Q Local Address Foreign Address State
>> tcp 0 0 0.0.0.0:22 0.0.0.0:*
>> LISTEN
>> tcp 0 0 127.0.0.1:631 0.0.0.0:*
>> LISTEN
>> tcp 0 0 127.0.0.1:6010 0.0.0.0:*
>> LISTEN
>> tcp 0 0 127.0.0.1:6011 0.0.0.0:*
>> LISTEN
>> tcp 0 0 0.0.0.0:445 0.0.0.0:*
>> LISTEN
>> tcp 0 0 0.0.0.0:139 0.0.0.0:*
>> LISTEN
>> tcp 0 0 127.0.0.1:42285 127.0.0.1:44467 ESTABLISHED
>> tcp 0 0 127.0.0.1:48228 127.0.0.1:57780 ESTABLISHED
>> tcp 0 0 127.0.0.1:44467 127.0.0.1:42285 ESTABLISHED
>> tcp 0 0 192.168.1.29:22 192.168.1.8:52765 ESTABLISHED
>> tcp 0 0 127.0.0.1:35310 127.0.0.1:52240 ESTABLISHED
>> tcp 0 0 127.0.0.1:37647 127.0.0.1:49651 ESTABLISHED
>> tcp 0 0 192.168.1.29:59581 192.168.1.12:445 ESTABLISHED
>> tcp 0 0 127.0.0.1:41867 127.0.0.1:50921 ESTABLISHED
>> tcp 0 0 192.168.1.29:22 192.168.1.8:49435 ESTABLISHED
>> tcp 0 0 127.0.0.1:57780 127.0.0.1:48228 ESTABLISHED
>> tcp 0 0 127.0.0.1:52240 127.0.0.1:35310 ESTABLISHED
>> tcp 0 0 127.0.0.1:50921 127.0.0.1:41867 ESTABLISHED
>> tcp 0 0 192.168.1.29:22 192.168.1.8:49474 ESTABLISHED
>> tcp 0 0 127.0.0.1:49651 127.0.0.1:37647 ESTABLISHED
>> tcp 0 0 :::3128 :::*
>> LISTEN
>> tcp 0 0 :::445 :::*
>> LISTEN
>> tcp 0 0 :::139 :::*
>> LISTEN
>
> Looks like Squid is not alone in this.
>
>>
>>
>> Markus
>>
>> "Amos Jeffries" <squid3_at_treenet.co.nz> wrote in message
>> news:4F83B2D8.9050607_at_treenet.co.nz...
>>> On 10/04/2012 1:11 a.m., Markus Moeller wrote:
>>>> But it should be possible to determine that automatically (e.g. if the
>>>> bind on ::1 fails try ipv4) shouldn' it ?
>>>
>>> Yes. The socket handling is a bit strange in 3.1 though. Failover does
>>> not work on helpers. Mostly because its an internal channel, Squid is
>>> running the app at both ends, both are opening localhost / ::1.
>>>
>>> Going back and reading your report after some sleep, it would seem you
>>> did not fully disable IPv6 or restart Squid after changing such
>>> fundamental detail. The Squid startup sequence probes to determine
>>> whether an IPv6 stack is present, and what type. The "localhost" default
>>> values depend on those probes results, with ::1 preferred if available.
>>>
>>> Amos
>>>
>>>
>>>>
>>>> Thank you
>>>> Markus
>>>>
>>>> "Amos Jeffries" <squid3_at_treenet.co.nz> wrote in message
>>>> news:4F82CD96.8060708_at_treenet.co.nz...
>>>>> On 7/04/2012 12:08 p.m., Markus Moeller wrote:
>>>>>> It looks like to be an ipv6 problem. I disabled ipv6 on my OpenSuse,
>>>>>> but squid wants to bind on ::1 (ipv6 localhost) which fails.
>>>>>>
>>>>>> Is this a bug ?
>>>>>
>>>>> In the documentation yes. It has been fixed and will say the correct
>>>>> ipv4/ipv6 default in later confg manuals.
>>>>>
>>>>> You need to specify the "ipv4" option to get Squid to contect helpers
>>>>> on IPv4-only TCP sockets.
>>>>>
>>>>> Amos
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>
Received on Sat Apr 14 2012 - 11:39:43 MDT

This archive was generated by hypermail 2.2.0 : Sat Apr 14 2012 - 12:00:03 MDT