| View previous topic :: View next topic |
| Author |
Message |
22decembre
Guru
Joined: 08 May 2010
Posts: 308
Location: Paris, banlieue sud (Massy et alentours)
|
 Posted: Sat Sep 24, 2011 8:50 am Post subject: postfix doesn't listen on ipv6 |
 |
|
hello
I have setup a mail server. This works fine, appart from few things I am going to solve slowly. The first is that postfix seems not to listen on ipv6 on any external socket :
| Code: |
10:42 root@einstein ~ # netstat -lp|grep master
tcp 0 0 *:submission *:* LISTEN 5309/master
tcp 0 0 *:smtp *:* LISTEN 5309/master
tcp 0 0 einstein.22decemb:10025 *:* LISTEN 5309/master
|
but I have enabled ipv6 everywhere in the server :
| Code: | 10:46 root@einstein ~ # emerge --info postfix
Portage 2.1.10.3 (hardened/linux/amd64, gcc-4.4.5, glibc-2.13-r2, 2.6.36-hardened-r9 x86_64)
=================================================================
System Settings
=================================================================
System uname: Linux-2.6.36-hardened-r9-x86_64-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_5200+-with-gentoo-2.0.3
Timestamp of tree: Fri, 23 Sep 2011 13:30:01 +0000
distcc 3.1 x86_64-pc-linux-gnu [disabled]
ccache version 3.1.4 [enabled]
app-shells/bash: 4.1_p9
dev-lang/python: 2.6.6-r2, 2.7.1-r1, 3.1.3-r1
dev-util/ccache: 3.1.4
dev-util/cmake: 2.8.4-r1
dev-util/pkgconfig: 0.26
sys-apps/baselayout: 2.0.3
sys-apps/openrc: 0.8.3-r1
sys-apps/sandbox: 2.4
sys-devel/autoconf: 2.68
sys-devel/automake: 1.8.5-r4, 1.11.1
sys-devel/binutils: 2.20.1-r1
sys-devel/gcc: 4.4.5, 4.5.2
sys-devel/gcc-config: 1.4.1-r1
sys-devel/libtool: 2.4-r1
sys-devel/make: 3.82
sys-kernel/linux-headers: 2.6.36.1 (virtual/os-headers)
sys-libs/glibc: 2.13-r2
Repositories: gentoo foo-overlay mysql
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=native -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /var/yp/Makefile"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.2/ext-active/ /etc/php/apache2-php5.3/ext-active/ /etc/php/cgi-php5.2/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cli-php5.2/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe -march=native -fomit-frame-pointer"
DISTDIR="/mnt/distfiles"
EMERGE_DEFAULT_OPTS="--jobs=5 --load-average=5.0"
FEATURES="assume-digests binpkg-logs ccache distlocks ebuild-locks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="ftp://mirrors.linuxant.fr/distfiles.gentoo.org/"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="fr fr_FR en en_GB en_US"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/tmp_portage"
PORTDIR="/mnt/portage"
PORTDIR_OVERLAY="/var/lib/layman/foo-overlay /var/lib/layman/mysql"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="amd64 avahi berkdb bzip2 cli cracklib crypt cups cxx dri gdbm gpm hardened iconv ipv6 jpeg justify mmx modules mudflap multilib ncurses nls nptl nptlonly openmp pam pax_kernel pcre perl png pppd python readline session sse sse2 ssl svg sysfs syslog tcpd threads unicode urandom xml xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="fr fr_FR en en_GB en_US" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LANG, LC_ALL, MAKEOPTS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
=================================================================
Package Settings
=================================================================
mail-mta/postfix-2.8.4 was built with the following:
USE="dovecot-sasl hardened ipv6 (multilib) pam ssl -cdb -doc -ldap -ldap-bind -mbox -mysql -nis -postgres -sasl (-selinux) -sqlite -vda" |
and in main.cf :
| Code: | # RECEIVING MAIL
inet_interfaces = all
inet_protocols = ipv4, ipv6
|
How could I solve this ?
_________________
Portable Gentoo installé depuis ~fevrier 2010, kde4 ( doc : http://www.22decembre.eu/gentoo-portable/)
Serveur Maison Gentoo depuis ~avril 2010 (doc : http://www.22decembre.eu/gentoo-serveur/)
http://www.22decembre.eu |
|
| Back to top |
|
 |
cach0rr0
Bodhisattva
Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas
|
| Posted: Sat Sep 24, 2011 8:58 am Post subject: |
|
|
does your NIC actually have an ipv6 address? sorry if it's a silly question, but usually this issue == NIC doesnt have an ipv6 address, or ipv6 not enabled in kernel
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
| Back to top |
|
|
22decembre
Guru
Joined: 08 May 2010
Posts: 308
Location: Paris, banlieue sud (Massy et alentours)
|
| Posted: Sat Sep 24, 2011 9:32 am Post subject: |
|
|
I have a well enabled ipv6 adress as well as the kernel ! An important part of my traffic is ipv6.
Should I say to postfix to listen specifically on the ipv6 adress (whereas I didn't do so much on ipv4) ?
You can lookup on einstein.22decembre.eu for www, you can access !
_________________
Portable Gentoo installé depuis ~fevrier 2010, kde4 ( doc : http://www.22decembre.eu/gentoo-portable/)
Serveur Maison Gentoo depuis ~avril 2010 (doc : http://www.22decembre.eu/gentoo-serveur/)
http://www.22decembre.eu |
|
| Back to top |
|
|
cach0rr0
Bodhisattva
Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas
|
| Posted: Sat Sep 24, 2011 9:41 am Post subject: |
|
|
as far as i can gather your configuration is correct, however
-if doing a 'postfix reload' throws errors in your logs (or even on the console), you should see where to look
-if it does not show any errors, it would seem postfix is, for whatever reason, not aware your ipv6 interface exists.
I guess another question, just as a troubleshooting step, can you explicitly set postfix to listen on ipv6 and see what happens?
e.g.
| Code: |
inet_protocols = ipv6
inet_interfaces = all
|
if nothing else, i would think doing that would show a more useful error.
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
| Back to top |
|
|
22decembre
Guru
Joined: 08 May 2010
Posts: 308
Location: Paris, banlieue sud (Massy et alentours)
|
| Posted: Sat Sep 24, 2011 7:56 pm Post subject: |
|
|
It seems postfix doesn't like both protocols. It wants only one :
| Code: | Sep 24 21:46:20 einstein postfix/postfix-script[24627]: refreshing the Postfix mail system
Sep 24 21:46:20 einstein postfix/master[5309]: reload -- version 2.8.4, configuration /etc/postfix
Sep 24 21:46:20 einstein postfix/master[5309]: warning: ignoring inet_protocols parameter value change
Sep 24 21:46:20 einstein postfix/master[5309]: warning: old value: "ipv4", new value: "ipv6"
Sep 24 21:46:20 einstein postfix/master[5309]: warning: to change inet_protocols, stop and start Postfix
Sep 24 21:46:20 einstein postfix/master[5309]: fatal: /etc/postfix/master.cf: line 33: bad hostname or network address: 127.0.0.1:10025
Sep 24 21:46:21 einstein postfix/anvil[24552]: statistics: max connection rate 1/60s for (smtp:208.92.234.80) at Sep 24 21:42:00
Sep 24 21:46:21 einstein postfix/anvil[24552]: statistics: max connection count 1 for (smtp:208.92.234.80) at Sep 24 21:42:00
Sep 24 21:46:21 einstein postfix/anvil[24552]: statistics: max cache size 1 at Sep 24 21:42:00
|
It wants all the inside protocols to be ipv6. So, I place my loopback address in master.cf on ipv6, then launch again :
| Code: |
Sep 24 21:47:04 einstein postfix/postfix-script[24649]: fatal: the Postfix mail system is not running
Sep 24 21:47:09 einstein postfix/postfix-script[24731]: starting the Postfix mail system
Sep 24 21:47:09 einstein postfix/master[24732]: fatal: /etc/postfix/master.cf: line 33: bad hostname or network address: 127.0.0.1:10025
Sep 24 21:47:49 einstein postfix/postfix-script[24748]: fatal: the Postfix mail system is not running
Sep 24 21:47:53 einstein postfix/postfix-script[24821]: starting the Postfix mail system
Sep 24 21:47:53 einstein postfix/master[24822]: daemon started -- version 2.8.4, configuration /etc/postfix
|
It is well running. But listenning only on ipv6 :
| Code: | 21:48 root@einstein ~ # netstat -lp|grep master
tcp6 0 0 [::]:submission [::]:* LISTEN 24822/master
tcp6 0 0 [::]:smtp [::]:* LISTEN 24822/master
tcp6 0 0 einstein.22decemb:10025 [::]:* LISTEN 24822/master
|
But again, I make "inet_protocols = ipv6,ipv4" and restart postfix, and now, it seems to work on ipv6 and ipv4. Much better. (It's what I want).
I will see if it's ok in the next days...
_________________
Portable Gentoo installé depuis ~fevrier 2010, kde4 ( doc : http://www.22decembre.eu/gentoo-portable/)
Serveur Maison Gentoo depuis ~avril 2010 (doc : http://www.22decembre.eu/gentoo-serveur/)
http://www.22decembre.eu |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
