Netstat not displaying all listening ports when using IPv4 and IPv6
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
net-tools (Ubuntu) | Confirmed | Undecided | Unassigned |
Bug Description
I am running a machine with both IPv4 and IPv6.
I noticed earlier that when doing a 'netstat -anl4' (or just grepping through 'netstat -an' output) that not all listening IPv4 ports are displayed. Example:
# netstat -anl4 | grep external_
Yet, it is definitely listening:
> telnet external_
Trying external_
Connected to external_
Escape character is '^]'.
It definitely seems like for applications that listen on both IPv4 and IPv6 that only the IPv6 listening socket is displayed, as if they are aggregated together. This is a problem because we can no longer trust netstat to properly display all listening sockets.
I would suggest that netstat always show every port that is listening on both the IPv4 and IPv6 stack. Having more data seems like a good thing here since netstat is the primary tool for determining which ports a machine is listening on.
Distributor ID: Ubuntu
Description: Ubuntu 10.04.1 LTS
Release: 10.04
Codename: lucid
After doing more research, I believe this is because Apache is not using the IPV6_V6ONLY flag when it binds to port 80. This allows the IPv6 socket to serve both IPv4 and IPv6 traffic. Since there is technically only one listening socket, this is why netstat only shows the IPv6 socket.
Historically we could use netstat to see exactly what is listening, but in the case of IPV6_V6ONLY, it's entirely possible that an IPv6 socket could handle IPv4 traffic and netstat would never show it.
Here is the README from the netbase package:
# When disabled, IPv6 sockets will also be able to send and receive IPv4
# traffic with addresses in the form ::ffff:192.0.2.1 and daemons listening
# on IPv6 sockets will also accept IPv4 connections.
#
# When IPV6_V6ONLY is enabled, daemons interested in both IPv4 and IPv6
# connections must open two listening sockets.
# This is the default behaviour of almost all modern operating systems.
IPV6_V6ONLY is controlled by the sysctl net.ipv6.bindv6only.
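An added example, not part of the original report or of net-tools: a check that compares the kernel's IPv4 and IPv6 socket tables and lists ports that have a wildcard `[::]` listener but no IPv4 LISTEN row, which is the case an IPv4-only netstat listing leaves out. The `/proc/net/tcp` and `/proc/net/tcp6` rows are constructed samples, the function names are hypothetical, and a little-endian host is assumed.

```python
"""Flag [::] listeners that an IPv4-only socket listing would not show (Linux)."""
import ipaddress

LISTEN = "0A"  # TCP state code for LISTEN in /proc/net/tcp*

# Constructed sample tables, not taken from the bug report.
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22222 1
"""
SAMPLE_TCP6 = """\
  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000000000000000000000000000:0050 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 33333 1
   1: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 44444 1
   2: 00000000000000000000000001000000:0277 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 55555 1
   3: 0000000000000000FFFF00000100007F:0050 0000000000000000FFFF00000100007F:C350 01 00000000:00000000 00:00000000 00000000    33        0 66666 1
"""

def decode_addr(hex_addr):
    """Decode a /proc/net/tcp* address: 32-bit words in host byte order
    (little-endian host assumed, e.g. x86)."""
    raw = bytes.fromhex(hex_addr)
    packed = b"".join(raw[i:i + 4][::-1] for i in range(0, len(raw), 4))
    return str(ipaddress.ip_address(packed))

def listeners(table):
    """Return {(address, port)} for every row in LISTEN state."""
    found = set()
    for line in table.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) > 3 and fields[3] == LISTEN:
            addr, port = fields[1].split(":")
            found.add((decode_addr(addr), int(port, 16)))
    return found

def hidden_from_ipv4_view(tcp, tcp6):
    """Ports with a wildcard [::] listener but no LISTEN row in the IPv4 table.
    These accept IPv4 too unless the socket set IPV6_V6ONLY (not visible here)."""
    v4_ports = {port for _, port in listeners(tcp)}
    return sorted(p for a, p in listeners(tcp6) if a == "::" and p not in v4_ports)

if __name__ == "__main__":
    print("sample:", hidden_from_ipv4_view(SAMPLE_TCP, SAMPLE_TCP6))
    with open("/proc/net/tcp") as t4, open("/proc/net/tcp6") as t6:
        print("this host:", hidden_from_ipv4_view(t4.read(), t6.read()))
```

The result is a list of candidates, because these tables do not record each socket's IPV6_V6ONLY setting; a flagged port still needs to be confirmed with an IPv4 connection test.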