Hi Muhammad,
Check your Ipv6 routing table is there a default route on your V6 Routing
Table...
If I understand egress correctly (it is the external interface) which at a
guess is chosen by the
interface that the default route in your routing table would use.
In any case... just specifiy the interface manually, on the config line
--listen on egress port 443 tls
++listen on vio0 port 443 tls
replace vio0 with your actual "egress" interface name
On Thu, 29 Aug 2019 at 10:58, Muhammad Kaisar Arkhan <h...@yukiisbo.red>
wrote:
> Hi misc@,
>
> I have relayd running on my -current machine which does reverse proxies
> along
> with TLS relays for various programs and it seems when using "listen on
> egress",
> it only listens to IPv4 and doesn't listen to IPv6.
>
> In httpd, this is not the case, when using "listen on egress" it listens
> to both
> IPv4 and IPv6.
>
> Since I require SNI, I'm using the new "tls keypair" feature and it
> seems if I
> have multiple listens it results in the following error:
>
> /etc/relayd.conf:33: cannot load certificates for relay https2:443
>
> Even though there's "tls keypair" clearly indicating which certificates
> to use.
>
> My -current system is dated 25-08-2019.
>
> Here's some more relevant information:
>
> % dmesg | head
>
> OpenBSD 6.6-beta (GENERIC) #236: Sun Aug 25 13:46:21 MDT 2019
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
>
> % cat /etc/relayd.conf
>
> ...
> relay "https" {
> listen on egress port 443 tls
>
> protocol "reverse_proxy"
>
> forward to <local_httpd> port 80
> ...
> }
> ...
>
> % netstat -nat | grep LISTEN
>
> ...
> tcp 0 0 xx.xx.xx.xx.443 *.* LISTEN
> ...
>
> Thanks.
>
>
--
Kindest regards,
Tom Smyth.
