Enable `opts.ipv6Only` by default

ssbc / multiserver

A single interface that can work with multiple protocols, and multiple transforms of those protocols (eg, security layer)

MIT License

104 stars 28 forks source link

Enable `opts.ipv6Only` by default #42

Closed christianbundy closed 5 years ago

christianbundy commented 5 years ago

This ensures that when the host is :: that we don't also bind on 0.0.0.0 because we're only broadcasting the IPv6 interface when we announce our multiserver addresses over UDP.

dominictarr commented 5 years ago

I have a strong gut feeling that defaulting to ipv6 only is gonna break stuff. It would be safer to default to ipv4 only. or to bind separately to ipv4 and ipv6

dominictarr commented 5 years ago

like, what can we do to test things like this work? currently we don't really have a good way to test different network configurations (of which their are many *) so it's all implicit knowledge, and the safe side is not changing anything.

* for example: @mixmix's home wifi gives a public ipv6 address, but not ipv4. my home wifi (tethering to my phone) does not.

I'd love to be able to simulate networks with different configurations... maybe this is doable with a docker based CI thing? it would really be a huge relief to be able to actually run tests on this.

christianbundy commented 5 years ago

Sorry, maybe some more explanation would be helpful: this doesn't make us bind to IPv6 only, this just means that when we bind to :: it doesn't also try to bind to 0.0.0.0. For example, on a network where you want to bind to both the IPv4 and IPv6 interfaces you can't currently do that because :: binds to both and then multiserver only broadcasts the IPv6 address.

With this commit, you can bind to two interfaces, both :: and 0.0.0.0, which is more explicit (and helpful, because currently multiserver only broadcasts ::).

dominictarr commented 5 years ago

right, so this would cause peers running the default config to bind to ipv6 only because the default if you do not have a public address, is to bind to '::'

https://github.com/ssbc/ssb-config/blob/master/defaults.js#L62

before people wanted to create no-auth ws connections, we just bound to null, which did '0.0.0.0' and '::' and everything was fine, but if you could disable auth, we needed to be able to not accept connections, and a lot of headaches happened.

We could enable this, and explicitly have '0.0.0.0' and '::' separately, so you have two addresses, one ipv4 and one ipv6. That would make addresses bigger, but would probably work well.

christianbundy commented 5 years ago

Once https://github.com/ssbc/ssb-config/pull/53 is merged I think this should be good to go. :+1:

christianbundy commented 5 years ago

Closing in favor of https://github.com/ssbc/multiserver/pull/49.