On 11/29/2013 04:04 PM, Hartmaier Alexander wrote: > I've just read the IPv6 section in the 4.12.1 reference manual after > installing 4.12.1 on a new RHEL6 box which has IPv6 support disabled via > 'alias ipv6 off' and 'options ipv6 disable=1' in /etc/modprobe.d/local.conf. > > On startup Radiator logs: 'INFO: This system is IPv6 capable. IPv6 > capability provided by: core' although the Socket6 module isn't > installed because its tests fail because IPv6 support is disabled in the > Linux kernel.
That's interesting. Does Socket6 compilation really check if IPv6 is disabled in the system? The Radiator log message is about the IPv6 capability of the Perl that was used to invoke radiusd. Now that you mentioned, it might be better to say that the system has IPv6 capable Perl and the Perl IPv6 capability required by Radiator is provided by Perl core (or Socket6 or none). In your case, even if you can not use BindAddress ::, radiusd can still process attributes with IPv6 addresses and prefixes without problems since the Perl core libraries have support for e.g., getaddrinfo(). > But the manual says 'Note: Currently IPv6 support requires Socket6.pm > Perl module.'. Which one is correct, the manual or the log message? The manual is correct for Radiator 4.12.1 as it was released. Binding to IPv6 addresses, address packing and other functions and decoding and encoding of IPv6 addresses and prefix in attributes requires Socket6.pm with 4.12.1. The patches in 4.12.1 check Perl's IPv6 capability and try to prefer the built in core modules. If the core does not support all the required functionality, then presence of Socket6.pm is checked. If there is no Socket6.pm either then IPv6 addresses and prefixes can not be encoded and decoded in human readable format and are processed as binary data which works for proxying. > The Perl version is 5.16.3 compiled on the box using perlbrew. Perl 5.16.3 is recent enough, I think 5.14.0 has everything required, so radiusd finds the core modules in 5.16.3 can be used. Also, since you get the log message about IPv6 capability, it means you have Radiator 4.12.1 + patches. > The very first sentence doesn't mention TACACS+, does it support IPv6 > too or not? ServerTACACSPLUS should work with IPv6. Looks like goodies/tacacsplustest does not support IPv6 for testing yet, but the server side should work. > Please add this info. The documentation regarding Socket6.pm not required for recent enough Perls will be in the next release's documentation. We can also mention TACACS+ too. Thanks, Heikki -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
