reopen 550990 thanks On Wed, Oct 14, 2009 at 07:28:45PM +0100, Ben Hutchings wrote: > No, IPv6 is not broken. At least, not by the kernel. > > This is probably a bug in glibc or openssh. Please don't close bugs outright if you believe they're only misfiled. The bug is there; if you claim that it is not a kernel bug, then that's fine, but that doesn't mean you should assert it does not exist. Having said that, 'netstat -tl' shows the socket in LISTEN mode. So the kernel believes it is open. 'nmap' to the host shows the socket in 'closed' state. Not filtered, but closed; i.e., we're getting an ICMP port unreachable back on the SYN, not a timeout or some such (I haven't run a sniffer to double-check this assertion, but should be able to do so sometime soon if that helps). AFAIK, it's the kernel that sends out port unreachable, rather than the C library, so that's why I filed this against the kernel. It's not a bug in openssh, either, since I have seen similar problems with some of the kerberos daemons (not 100% sure which one exactly at this point). Now I'm definitely willing to do some more investigation in order to pinpoint the right package to reassign this bug to, but please don't just tell me outright that it's not a bug again next time. -- The biometric identification system at the gates of the CIA headquarters works because there's a guard with a large gun making sure no one is trying to fool the system. http://www.schneier.com/blog/archives/2009/01/biometrics.html
Attachment:
signature.asc
Description: Digital signature