NLnetLabs / krill

RPKI Certificate Authority and Publication Server written in Rust
https://nlnetlabs.nl/projects/routing/krill/
Mozilla Public License 2.0

Listen on IPv4+IPv6 #955

Closed ties closed 1 year ago

ties commented 1 year ago

As a Krill user, I want to be able to configure Krill to listen on multiple addresses (IPv4+IPv6) to prevent issues with dual-stack hostnames and some clients (happy eyeballs) working and others not (embedded HTTP clients) when running on a dual-stack host.

timbru commented 1 year ago

The usual setup is that Krill listens on IPv4 localhost only, and a proxy server is used in front of it. The proxy server can do IPv4 and IPv6, proper HTTPS (e.g. with a Let's Encrypt certificate, good ciphers and all that) - it can also limit access based on other needs - e.g. source IP addresses.

Point is, while this can be added to Krill, I would like to understand the urgency given the proxy option.

timbru commented 1 year ago

As far as I can tell (but I might be mistaken), the hyper server used by Krill can only bind to one address.

I have made an issue asking for a feature or clarification: https://github.com/hyperium/hyper/issues/3009

This said, I still think that letting Krill listen on IPv4 localhost only and using a proxy for any public IP addresses is best practice.

ties commented 1 year ago

I do agree that a reverse proxy is the preferred setup. However, in some situations it may be good to listen on either multiple addresses or dual stack.
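
A sketch of the proxy setup described in the thread, added here as an illustration and not taken from the Krill project or its documentation. The hostname, certificate paths, allowed source ranges and the Krill backend address (HTTPS on 127.0.0.1:3000) are assumptions to adjust for the actual deployment.

```nginx
# Added example: nginx in front of Krill, which stays bound to IPv4 localhost.
# Assumed values: krill.example.net, the certificate paths, the backend
# address 127.0.0.1:3000 and the allow ranges (documentation prefixes).
server {
    # Dual stack is terminated here. On Linux the [::] listener is
    # IPv6-only by default, so both listen lines are needed.
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name krill.example.net;

    # Publicly trusted certificate, e.g. issued by Let's Encrypt.
    ssl_certificate     /etc/letsencrypt/live/krill.example.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/krill.example.net/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    # Limit access by source address, for both address families.
    allow 192.0.2.0/24;
    allow 2001:db8::/32;
    deny  all;

    location / {
        # Assumes Krill serves HTTPS on loopback with its own certificate;
        # nginx does not verify upstream certificates unless
        # proxy_ssl_verify is turned on.
        proxy_pass https://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}
```

With this in place, clients that only try IPv4 and clients that prefer IPv6 reach the same backend, and Krill's own listener is never exposed on a public address.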