[Bug 636480] [NEW] Postfix and PowerDNS cannot bind to IPv6-IPs on boot
Launchpad Bug Tracker
636480 at bugs.launchpad.net
Wed Jun 8 11:39:15 UTC 2011
You have been subscribed to a public bug:
On a IPv4/IPv6-dual-stack system Postfix fails to start on boot when bind to IPv6-IPs via /etc/init.d/master.cf (no error message in syslog!).
PowerDNS logs "pdns[1940]: Fatal error: Unable to bind to UDP ipv6 socket".
Both services can be started manually without problems.
Obviously the IPv6-stack isn't configured correctly when Postfix/PowerDNS start at boot time.
Apport-report (Postfix):
ProblemType: Bug
Architecture: i386
Date: Sun Sep 12 18:05:33 2010
Dependencies:
adduser 3.112ubuntu1
base-files 5.0.0ubuntu20.10.04.2
base-passwd 3.5.22
coreutils 7.4-2ubuntu2
debconf 1.5.28ubuntu4
debconf-i18n 1.5.28ubuntu4
debianutils 3.2.2
dpkg 1.15.5.6ubuntu4.1
findutils 4.4.2-1ubuntu1
gcc-4.4-base 4.4.3-4ubuntu5
libacl1 2.2.49-2
libattr1 1:2.4.44-1
libc-bin 2.11.1-0ubuntu7.2
libc6 2.11.1-0ubuntu7.2
libdb4.8 4.8.24-1ubuntu1
libgcc1 1:4.4.3-4ubuntu5
liblocale-gettext-perl 1.05-6
libncurses5 5.7+20090803-2ubuntu3
libpam-modules 1.1.1-2ubuntu5
libpam0g 1.1.1-2ubuntu5
libsasl2-2 2.1.23.dfsg1-5ubuntu1
libselinux1 2.0.89-4
libssl0.9.8 0.9.8k-7ubuntu8
libstdc++6 4.4.3-4ubuntu5
libtext-charwidth-perl 0.04-6
libtext-iconv-perl 1.7-2
libtext-wrapi18n-perl 0.06-7
lsb-base 4.0-0ubuntu8
lzma 4.43-14ubuntu2
ncurses-bin 5.7+20090803-2ubuntu3
netbase 4.35ubuntu3
openssl 0.9.8k-7ubuntu8
passwd 1:4.1.4.2-1ubuntu2
perl-base 5.10.1-8ubuntu2
sed 4.2.1-6
sensible-utils 0.0.1ubuntu3
ssl-cert 1.0.23ubuntu2
tzdata 2010l-0ubuntu0.10.04
zlib1g 1:1.2.3.3.dfsg-15ubuntu1
DistroRelease: Ubuntu 10.04
InstallationMedia: Ubuntu-Server 10.04.1 LTS "Lucid Lynx" - Release i386 (20100816.2)
Package: postfix 2.7.0-1
PackageArchitecture: i386
ProcEnviron:
LANG=de_DE.UTF-8
SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.32-24.42-generic-pae 2.6.32.15+drm33.5
SourcePackage: postfix
Tags: lucid
Uname: Linux 2.6.32-24-generic-pae i686
Apport-report (PowerDNS):
ProblemType: Bug
Architecture: i386
Date: Sun Sep 12 18:18:32 2010
Dependencies:
adduser 3.112ubuntu1
base-files 5.0.0ubuntu20.10.04.2
base-passwd 3.5.22
coreutils 7.4-2ubuntu2
debconf 1.5.28ubuntu4
debconf-i18n 1.5.28ubuntu4
debianutils 3.2.2
dpkg 1.15.5.6ubuntu4.1
findutils 4.4.2-1ubuntu1
gcc-4.4-base 4.4.3-4ubuntu5
libacl1 2.2.49-2
libattr1 1:2.4.44-1
libc-bin 2.11.1-0ubuntu7.2
libc6 2.11.1-0ubuntu7.2
libdb4.8 4.8.24-1ubuntu1
libgcc1 1:4.4.3-4ubuntu5
liblocale-gettext-perl 1.05-6
libmysqlclient16 5.1.41-3ubuntu12.6
libpam-modules 1.1.1-2ubuntu5
libpam0g 1.1.1-2ubuntu5
libselinux1 2.0.89-4
libstdc++6 4.4.3-4ubuntu5
libtext-charwidth-perl 0.04-6
libtext-iconv-perl 1.7-2
libtext-wrapi18n-perl 0.06-7
lzma 4.43-14ubuntu2
mysql-common 5.1.41-3ubuntu12.6
passwd 1:4.1.4.2-1ubuntu2
pdns-server 2.9.22-3
perl-base 5.10.1-8ubuntu2
sensible-utils 0.0.1ubuntu3
tzdata 2010l-0ubuntu0.10.04
ucf 3.0025
zlib1g 1:1.2.3.3.dfsg-15ubuntu1
DistroRelease: Ubuntu 10.04
InstallationMedia: Ubuntu-Server 10.04.1 LTS "Lucid Lynx" - Release i386 (20100816.2)
Package: pdns-backend-mysql 2.9.22-3
PackageArchitecture: i386
ProcEnviron:
LANG=de_DE.UTF-8
SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.32-24.42-generic-pae 2.6.32.15+drm33.5
SourcePackage: pdns
Tags: lucid
Uname: Linux 2.6.32-24-generic-pae i686
/etc/network/interfaces:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
#auto eth0
#iface eth0 inet dhcp
auto eth0
iface eth0 inet static
address xxx.xxx.xxx.20
netmask 255.255.255.0
gateway xxx.xxx.xxx.1
iface eth0 inet6 static
address yyyy:yyy:y:y::3
netmask 64
gateway yyyy:yyy:y:y::1
auto eth0:0
iface eth0:0 inet static
address xxx.xxx.xxx.102
netmask 255.255.255.0
iface eth0:0 inet6 static
address yyyy:yyy:y:y::4
netmask 64
auto dummy0
iface dummy0 inet static
address 192.168.176.1
netmask 255.255.255.255
/etc/iptables.rules:
# Generated by iptables-save v1.4.4 on Sun Aug 29 20:58:48 2010
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [86:9176]
-A INPUT -i lo -m comment --comment "ACCEPT loopback device" -j ACCEPT
-A INPUT -i dummy0 -m comment --comment "ACCEPT dummy0 device" -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -m comment --comment "ACCEPT all packets of existing connections" -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type echo-reply -m comment --comment "ACCEPT ICMP echo-reply" -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type echo-request -m comment --comment "ACCEPT ICMP echo-request" -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type time-exceeded -m comment --comment "ACCEPT ICMP time-exceeded" -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type destination-unreachable -m comment --comment "ACCEPT ICMP destination-unreachable" -j ACCEPT
-A INPUT -m state --state NEW -m recent --set --name DEFAULT --rsource -m comment --comment "Store connection requests"
#-A INPUT -d xxx.xxx.xxx.102/32 -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 180 --hitcount 4 --name DEFAULT --rsource -m comment --comment "DROP SSH Brute-Force-Attacks" -j DROP
-A INPUT -d xxx.xxx.xxx.102/32 -p tcp -m tcp --dport 22 -m state --state NEW -m comment --comment "ACCEPT SSH connections" -j ACCEPT
-A INPUT -d xxx.xxx.xxx.102/32 -p tcp -m tcp --dport 25 -m state --state NEW -m comment --comment "ACCEPT SMTP connections" -j ACCEPT
-A INPUT -d xxx.xxx.xxx.20/32 -p udp -m udp --dport 53 -m state --state NEW -m comment --comment "ACCEPT DNS UDP connections" -j ACCEPT
-A INPUT -d xxx.xxx.xxx.20/32 -p tcp -m tcp --dport 53 -m state --state NEW -m comment --comment "ACCEPT DNS TCP connections" -j ACCEPT
-A INPUT -d xxx.xxx.xxx.20/32 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "ACCEPT HTTP connections" -j ACCEPT
-A INPUT -d xxx.xxx.xxx.20/32 -p tcp -m tcp --dport 443 -m state --state NEW -m comment --comment "ACCEPT HTTPS connections" -j ACCEPT
COMMIT
# Completed on Sun Aug 29 20:58:48 2010
/etc/ip6tables.rules:
# Generated by iptables-save v1.4.4 on Sun Aug 29 20:58:48 2010
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [86:9176]
-A INPUT -i lo -m comment --comment "ACCEPT loopback device" -j ACCEPT
-A INPUT -i dummy0 -m comment --comment "ACCEPT dummy0 device" -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -m comment --comment "ACCEPT all packets of existing connections" -j ACCEPT
-A INPUT -p icmpv6 -m comment --comment "ACCEPT all ICMP packets" -j ACCEPT
-A INPUT -p icmpv6 -m comment --comment "ACCEPT all ICMP packets" -j ACCEPT
-A INPUT -p icmpv6 -m comment --comment "ACCEPT all ICMP packets" -j ACCEPT
-A INPUT -p icmpv6 -m comment --comment "ACCEPT all ICMP packets" -j ACCEPT
-A INPUT -m state --state NEW -m recent --set --name DEFAULT --rsource -m comment --comment "Store connection requests"
#-A INPUT -d yyyy:yyy:y:y::4/128 -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 180 --hitcount 4 --name DEFAULT --rsource -m comment --comment "DROP SSH Brute-Force-Attacks" -j DROP
-A INPUT -d yyyy:yyy:y:y::4/128 -p tcp -m tcp --dport 22 -m state --state NEW -m comment --comment "ACCEPT SSH connections" -j ACCEPT
-A INPUT -d yyyy:yyy:y:y::4/128 -p tcp -m tcp --dport 25 -m state --state NEW -m comment --comment "ACCEPT SMTP connections" -j ACCEPT
-A INPUT -d yyyy:yyy:y:y::3/128 -p udp -m udp --dport 53 -m state --state NEW -m comment --comment "ACCEPT DNS UDP connections" -j ACCEPT
-A INPUT -d yyyy:yyy:y:y::3/128 -p tcp -m tcp --dport 53 -m state --state NEW -m comment --comment "ACCEPT DNS TCP connections" -j ACCEPT
-A INPUT -d yyyy:yyy:y:y::3/128 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "ACCEPT HTTP connections" -j ACCEPT
-A INPUT -d yyyy:yyy:y:y::3/128 -p tcp -m tcp --dport 443 -m state --state NEW -m comment --comment "ACCEPT HTTPS connections" -j ACCEPT
COMMIT
# Completed on Sun Aug 29 20:58:48 2010
(All IP(6)Tables rules are set via /etc/network/if-pre-up.d/iptables-
restore script)
** Affects: postfix (Ubuntu)
Importance: Undecided
Status: New
** Tags: boot ipv6 pdns postfix powerdns
--
Postfix and PowerDNS cannot bind to IPv6-IPs on boot
https://bugs.launchpad.net/bugs/636480
You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu.
More information about the Ubuntu-server-bugs
mailing list