[mrtg] MRTG uses an IPv6 address even if w/o EnableIPv6 or with explicit EnableIPv6: no?

Simon Leinen simon.leinen at switch.ch
Sun Oct 9 16:02:04 CEST 2011


笹山 / SASAYAMA writes:
> I am not new to MRTG but recently I saw a strange behavior in my
> setting. It seems that MRTG 2.16.4 uses IPv6 even if mrtg.cfg contains
> no EnableIPv6 or explicit EnableIPv6: no. In my setting, target hosts
> are specified by host names which can be resolved to IPv6 addresses.

> I investigated why it happens and found SNMP_Session.pm uses
> Socket::inet_aton to resolve host names to addresses in IPv4-only
> settings. Unfortunately, Socket::inet_aton may return an IPv6 address
> when used to resolve host names and MRTG appears to use it without any
> checks that it really is an IPv4 address. (Socket::inet_aton appears
> to use C inet_aton and gethostbyname, and gethostbyname by nature may
> return an IPv6 address.)

I think that when IPv6 support was added to SNMP_Session.pm, the authors
were under the impression that gethostbyname() only supported IPv4, and
to get IPv6 addresses you'd have to use the newer getaddrinfo() call.

Apparently in the meantime, some OSes have extended gethostbyname() to
return IPv6 addresses (which I think is a bad decision given the likely
expectation of lots of code that all addresses returned are AF_INET
addresses, but what the heck).

And Socket::inet_aton() definitely used to be documented to return only
four-byte strings corresponding to IPv4 addresses.  Some bright mind
seems to have changed that lately.  This is an even worse idea, because
unlike gethostbyname(), Socket::inet_aton() can only return ONE address.
And it is stupid for it to return an IPv6 address to code that may only
expect IPv4 addresses, for a host that has an IPv4 address as well.
Sigh!

These days, SNMP_Session should probably use getaddrinfo() rather than
Socket::inet_aton() in all cases, and just ignore IPv6 addresses when
EnableIPv6 is false.

> I do not know if it should be fixed in Perl-side, but IMO, it is unsafe
> to use Socket::inet_aton to resolve host names in IPv4-only settings. I
> managed to avoid this behavior by using IPv4-only host names, but it is
> not very intuitive and should be handled properly in MRTG.

*Shrug* why don't you simply switch on IPv6 and use that to talk to
nodes that already support it?

If you insist that IPv4-only mode should be improved, consider creating
an issue on

http://code.google.com/p/snmp-session/issues/list

If you or someone else contributes a patch, I'd be glad to review the
code.  (But don't expect me to write the patch myself.)

Best regards,
-- 
Simon.



More information about the mrtg mailing list