advertises official IPv6 addresses
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| avahi (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
Hi,
avahi-daemon of 14.04 is currently breaking some of my services, e.g. squid-apt-proxy.
For security reasons, I have restricted access to services on my server machine in my LAN to link-local ipv6 addresses, i.e. FE80::
At the same time, I have a router advertising an official IPv6 prefix, so my server machine has both an official and a link-local ipv6 address. Unfortunately, avahi-daemon advertises the official address, thus having all clients run against fireall and application security rules.
Since avahi is limited to the link anyways (except when using a bonjour proxy), this does not make sense. It should advertise the link-local ipv6 address only (or at least should have a configuration option).
regards
Hadmut
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: avahi-daemon 0.6.31-4ubuntu1
ProcVersionSign
Uname: Linux 3.13.0-24-generic x86_64
NonfreeKernelMo
ApportVersion: 2.14.1-0ubuntu3
Architecture: amd64
Date: Sat Apr 19 13:59:36 2014
InstallationDate: Installed on 2011-06-29 (1025 days ago)
InstallationMedia: Ubuntu-Server 10.04.1 LTS "Lucid Lynx" - Release amd64 (20100816.2)
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
XDG_RUNTIME_
LANG=en_US.UTF-8
SHELL=
SourcePackage: avahi
UpgradeStatus: Upgraded to trusty on 2014-04-18 (0 days ago)
mtime.conffile.
| Hadmut Danisch (hadmut) wrote | #1 |
