search

dotnet / aspnetcore

ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.
https://asp.net
MIT License
35.37k stars 9.99k forks source link

Consider flagging ListenOptions.Listen(IPAddress.Any) #58172

Open amcasey opened 3 weeks ago

amcasey commented 3 weeks ago

Background and Motivation

On a machine that supports IPv6, listening to Any, rather than IPv6Any will either not work or be slower than necessary. For HTTP/1.x and 2/0, a name like localhost will resolve to [::1], which won't be accepted by the server, forcing a retry with 127.0.0.1 (i.e. failed attempt before each connection).

For HTTP/3.0, [::1] will fail and there won't be a retry, so the connection will fail.

Requested here.

See also #58094, #58171, https://github.com/dotnet/runtime/issues/108259

Proposed Analyzer

Analyzer Behavior and Message

We could probably get away with flagging every usage and letting users disable it on IPv4-only machines. Having said that, a nicer solution might be to have the analyzer detect IPv6 support.

Category

Severity Level

Usage Scenarios

options.Listen(IPAddress.Any, 5001, listenOptions =>
{
    listenOptions.UseHttps();
    listenOptions.Protocols = HttpProtocols.Http1AndHttp2AndHttp3;
});

Risks

If a server specifically wants to reject IPv6 requests, such an analyzer would just be an irritation. It could, however, be disabled.

david-acker commented 4 days ago

Would it be appropriate for the analyzer to check for IPv6 support, given that the machine the analyzer runs on won’t necessarily be the machine the app is deployed to?

amcasey commented 4 days ago

Good point. Probably best to just always report the diagnostic and let users disable it if they know it doesn't apply.