> From: Caldarale, Charles R
> Subject: RE: Re : Re : Re : Tomcat 5.5.29 does not accept connections
> from outside
>
> > that IPv4 addresses had somehow been mapped to a sub-range
> > of IPv6 addresses, and that there was always some kind of
> > "automatic IPv4 to IPv6 translation" going on in the background.
>
> Unfortunately, that's an optional part of the IPv6 RFC, and even when
> available on a given platform, is usually off by default.
The above is not quite correct - the option to map IPv4 addresses into IPv6 is
usually *on* by default - except maybe on Windows.
> > - if you are using APR for the HTTP Connector, then it is always IPv4
> > (or maybe only up to version X)
>
> No, APR has IPv6 capability, and it's on by default, at least in recent
> versions.
After some testing with varying tcnative-1.dll versions on Tomcat 5.5.25, it
looks like behavior changed between 1.1.10 and 1.1.12. With 1.1.10 on my Vista
64 box, the APR connector listened _only_ on IPv4 - there were no IPv6 listens
created. With 1.1.12 and above (including the current 1.1.20), APR listens
only on IPv6; this should be ok as long as IPv4 connections are tunneled
through IPv6, but it looks like that part isn't working in my (and the OP's)
version of Windows.
I didn't see any differences in the tcnative source between 1.1.10 and 1.1.12
that would account for this difference in behavior, so perhaps there were
changes in the APR code proper in this time period.
Just to muddy the waters a bit more, I checked how 6.0.26 works with tcnative
1.1.20, using the following connectors:
<Connector port="8080" protocol="org.apache.coyote.http11.Http11Protocol"
connectionTimeout="20000" executor="tomcatThreadPool"
redirectPort="8443" />
<Connector port="8081"
protocol="org.apache.coyote.http11.Http11NioProtocol"
connectionTimeout="20000" executor="tomcatThreadPool"
redirectPort="8443" />
<Connector port="8082"
protocol="org.apache.coyote.http11.Http11AprProtocol"
connectionTimeout="20000" executor="tomcatThreadPool"
redirectPort="8443" />
The netstat -ano results (without the shutdown port) are:
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 2592
TCP 0.0.0.0:8081 0.0.0.0:0 LISTENING 2592
TCP 0.0.0.0:8082 0.0.0.0:0 LISTENING 2592
TCP [::]:8080 [::]:0 LISTENING 2592
So with these versions, the Java blocking connector is listening on both IPv4
and IPv6, while the NIO and APR connectors are using only IPv4. This doesn't
seem to make things much clearer...
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
