[pve-devel] [PATCH v3 http-server common manager 0/3] fix #2997: pveproxy LISTEN address

[pve-devel] [PATCH v3 http-server common manager 0/3] fix #2997: pveproxy LISTEN address

[Oguz Bektas]

v2->v3:
* listen on wildcard by default (to incorporate thomas' suggestion to make it the same as PBS)


for testing i did the following:


default:
# rm /etc/default/pveproxy
# systemctl restart pveproxy && ss -antlp | grep 8006
LISTEN    0         128                      *:8006                   *:*        users:(("pveproxy worker",pid=2935,fd=6),("pveproxy worker",pid=2934,fd=6),("pveproxy worker",pid=2933,fd=6),("pveproxy",pid=2932,fd=6))


ipv6 localhost:
# rm /etc/default/pveproxy; echo 'LISTEN_IP=::1' > /etc/default/pveproxy
# systemctl restart pveproxy && ss -antlp | grep 8006
LISTEN    0         128                  [::1]:8006                [::]:*        users:(("pveproxy worker",pid=3026,fd=6),("pveproxy worker",pid=3025,fd=6),("pveproxy worker",pid=3024,fd=6),("pveproxy",pid=3023,fd=6))


ipv4 localhost:
# rm /etc/default/pveproxy; echo 'LISTEN_IP=127.0.0.1' > /etc/default/pveproxy
# systemctl restart pveproxy && ss -antlp | grep 8006
LISTEN    0         128              127.0.0.1:8006             0.0.0.0:*        users:(("pveproxy worker",pid=3090,fd=6),("pveproxy worker",pid=3089,fd=6),("pveproxy worker",pid=3088,fd=6),("pveproxy",pid=3087,fd=6))





pve-common:
Oguz Bektas (1):
  daemon: listen also on ipv6

 src/PVE/Daemon.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


pve-manager:
Oguz Bektas (1):
  proxy: allow setting LISTEN_IP for pveproxy and spiceproxy

 PVE/Service/pveproxy.pm   | 4 ++--
 PVE/Service/spiceproxy.pm | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)


pve-http-server:
Oguz Bektas (1):
  utils: add LISTEN_IP option in /etc/default/pveproxy

 PVE/APIServer/Utils.pm | 3 +++
 1 file changed, 3 insertions(+)

-- 
2.20.1

[pve-devel] [PATCH v3 common 1/3] daemon: listen also on ipv6

[Oguz Bektas]

see [0]
when we set 'Domain' to PF_INET6 by default, it will prefer IPv6. since
we don't set 'V6Only' it will also listen on IPv4 interfaces.

'Family' parameter isn't needed anymore.

this change depends on the changes in pve-manager and pve-http-server to
work correctly.

[0]:
https://perldoc.perl.org/IO::Socket::IP#REPLACING-IO::Socket-DEFAULT-BEHAVIOUR

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
---
 src/PVE/Daemon.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/PVE/Daemon.pm b/src/PVE/Daemon.pm
index 64f8126..76601d5 100644
--- a/src/PVE/Daemon.pm
+++ b/src/PVE/Daemon.pm
@@ -820,10 +820,10 @@ sub create_reusable_socket {
     } else {
 
 	$socket = IO::Socket::IP->new(
-	    LocalAddr => $host,
+	    Domain => PF_INET6,
+	    LocalHost => $host,
 	    LocalPort => $port,
 	    Listen => SOMAXCONN,
-	    Family => $family,
 	    Proto  => 'tcp',
 	    GetAddrInfoFlags => 0,
 	    ReuseAddr => 1) ||
-- 
2.20.1

[pve-devel] [PATCH v3 manager 2/3] proxy: allow setting LISTEN_IP for pveproxy and spiceproxy

[Oguz Bektas]

the $host variable is set to "::0" by default to listen on wildcard
(with 'Domain' => PF_INET6).

if 'LISTEN_IP' is defined in /etc/default/pveproxy, that IP will be used
instead.

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
---
 PVE/Service/pveproxy.pm   | 4 ++--
 PVE/Service/spiceproxy.pm | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/PVE/Service/pveproxy.pm b/PVE/Service/pveproxy.pm
index 571a6bf5..4ecd442a 100755
--- a/PVE/Service/pveproxy.pm
+++ b/PVE/Service/pveproxy.pm
@@ -69,8 +69,8 @@ sub init {
     my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
 	die "unable to open lock file '${accept_lock_fn}' - $!\n";
 
-    my $family = PVE::Tools::get_host_address_family($self->{nodename});
-    my $socket = $self->create_reusable_socket(8006, undef, $family);
+    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
+    my $socket = $self->create_reusable_socket(8006, $listen_ip);
 
     my $dirs = {};
 
diff --git a/PVE/Service/spiceproxy.pm b/PVE/Service/spiceproxy.pm
index f8e06b60..24be0ed7 100755
--- a/PVE/Service/spiceproxy.pm
+++ b/PVE/Service/spiceproxy.pm
@@ -39,8 +39,8 @@ sub init {
     my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
 	die "unable to open lock file '${accept_lock_fn}' - $!\n";
 
-    my $family = PVE::Tools::get_host_address_family($self->{nodename});
-    my $socket = $self->create_reusable_socket(3128, undef, $family);
+    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
+    my $socket = $self->create_reusable_socket(3128, $listen_ip);
 
     $self->{server_config} = {
 	keep_alive => 0,
-- 
2.20.1

[pve-devel] [PATCH v3 http-server 3/3] utils: add LISTEN_IP option in /etc/default/pveproxy

[Oguz Bektas]

to allow setting arbitrary IP address to listen on

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
---
 PVE/APIServer/Utils.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/PVE/APIServer/Utils.pm b/PVE/APIServer/Utils.pm
index e843e5f..36e3ae6 100644
--- a/PVE/APIServer/Utils.pm
+++ b/PVE/APIServer/Utils.pm
@@ -14,6 +14,7 @@ sub read_proxy_config {
 
     # Note: evaluate with bash
     my $shcmd = ". $conffile;\n";
+    $shcmd .= 'echo \"LISTEN_IP:\$LISTEN_IP\";';
     $shcmd .= 'echo \"ALLOW_FROM:\$ALLOW_FROM\";';
     $shcmd .= 'echo \"DENY_FROM:\$DENY_FROM\";';
     $shcmd .= 'echo \"POLICY:\$POLICY\";';
@@ -36,6 +37,8 @@ sub read_proxy_config {
 		push @$ips, Net::IP->new($ip) || die Net::IP::Error() . "\n";
 	    }
 	    $res->{$key} = $ips;
+	} elsif ($key eq 'LISTEN_IP') {
+	    $res->{$key} = $value;
 	} elsif ($key eq 'POLICY') {
 	    die "unknown policy '$value'\n" if $value !~ m/^(allow|deny)$/;
 	    $res->{$key} = $value;
-- 
2.20.1

Re: [pve-devel] [PATCH v3 http-server 3/3] utils: add LISTEN_IP option in /etc/default/pveproxy

[Dylan Whyte]

Hi,

Tested various valid input and seems to work for me.
As discussed, one has to be careful to give local ipv6 addresses in the 
form `LISTEN_IP=fe80::...::4579%interface`, in order for these address 
types to work.

Tested-by: Dylan Whyte <d.whyte@proxmox.com>
Reviewed-by: Dylan Whyte <d.whyte@proxmox.com>


  On 3/22/21 3:00 PM, Oguz Bektas wrote:
> to allow setting arbitrary IP address to listen on
>
> Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
> ---
>   PVE/APIServer/Utils.pm | 3 +++
>   1 file changed, 3 insertions(+)
>
> diff --git a/PVE/APIServer/Utils.pm b/PVE/APIServer/Utils.pm
> index e843e5f..36e3ae6 100644
> --- a/PVE/APIServer/Utils.pm
> +++ b/PVE/APIServer/Utils.pm
> @@ -14,6 +14,7 @@ sub read_proxy_config {
>   
>       # Note: evaluate with bash
>       my $shcmd = ". $conffile;\n";
> +    $shcmd .= 'echo \"LISTEN_IP:\$LISTEN_IP\";';
>       $shcmd .= 'echo \"ALLOW_FROM:\$ALLOW_FROM\";';
>       $shcmd .= 'echo \"DENY_FROM:\$DENY_FROM\";';
>       $shcmd .= 'echo \"POLICY:\$POLICY\";';
> @@ -36,6 +37,8 @@ sub read_proxy_config {
>   		push @$ips, Net::IP->new($ip) || die Net::IP::Error() . "\n";
>   	    }
>   	    $res->{$key} = $ips;
> +	} elsif ($key eq 'LISTEN_IP') {
> +	    $res->{$key} = $value;
>   	} elsif ($key eq 'POLICY') {
>   	    die "unknown policy '$value'\n" if $value !~ m/^(allow|deny)$/;
>   	    $res->{$key} = $value;

Re: [pve-devel] [PATCH v3 common 1/3] daemon: listen also on ipv6

[Fabian Ebner]

Note that for pmgproxy this is still called this with (8006, undef, 
$family). Did you ensure that this is backwards-compatible? Otherwise 
this needs versioned breaks and the call for pmgproxy needs to be 
adapted too.

Am 22.03.21 um 15:00 schrieb Oguz Bektas:
> see [0]
> when we set 'Domain' to PF_INET6 by default, it will prefer IPv6. since
> we don't set 'V6Only' it will also listen on IPv4 interfaces.
> 
> 'Family' parameter isn't needed anymore.
> 
> this change depends on the changes in pve-manager and pve-http-server to
> work correctly.
> 
> [0]:
> https://perldoc.perl.org/IO::Socket::IP#REPLACING-IO::Socket-DEFAULT-BEHAVIOUR
> 
> Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
> ---
>   src/PVE/Daemon.pm | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/src/PVE/Daemon.pm b/src/PVE/Daemon.pm
> index 64f8126..76601d5 100644
> --- a/src/PVE/Daemon.pm
> +++ b/src/PVE/Daemon.pm
> @@ -820,10 +820,10 @@ sub create_reusable_socket {
>       } else {
>   
>   	$socket = IO::Socket::IP->new(
> -	    LocalAddr => $host,
> +	    Domain => PF_INET6,
> +	    LocalHost => $host,
>   	    LocalPort => $port,
>   	    Listen => SOMAXCONN,
> -	    Family => $family,
>   	    Proto  => 'tcp',
>   	    GetAddrInfoFlags => 0,
>   	    ReuseAddr => 1) ||
> 

Re: [pve-devel] [PATCH v3 manager 2/3] proxy: allow setting LISTEN_IP for pveproxy and spiceproxy

[Fabian Ebner]

After these first two patches, the default behavior is different:
Previously, it would only listen for either IPv4 or IPv6 (depending on 
what get_host_address_family would return), while now it listens for 
both. Not sure if that's a problem though?

Am 22.03.21 um 15:00 schrieb Oguz Bektas:
> the $host variable is set to "::0" by default to listen on wildcard
> (with 'Domain' => PF_INET6).
> 
> if 'LISTEN_IP' is defined in /etc/default/pveproxy, that IP will be used
> instead.
> 
> Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
> ---
>   PVE/Service/pveproxy.pm   | 4 ++--
>   PVE/Service/spiceproxy.pm | 4 ++--
>   2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/PVE/Service/pveproxy.pm b/PVE/Service/pveproxy.pm
> index 571a6bf5..4ecd442a 100755
> --- a/PVE/Service/pveproxy.pm
> +++ b/PVE/Service/pveproxy.pm
> @@ -69,8 +69,8 @@ sub init {
>       my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
>   	die "unable to open lock file '${accept_lock_fn}' - $!\n";
>   
> -    my $family = PVE::Tools::get_host_address_family($self->{nodename});
> -    my $socket = $self->create_reusable_socket(8006, undef, $family);
> +    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
> +    my $socket = $self->create_reusable_socket(8006, $listen_ip);
>   
>       my $dirs = {};
>   
> diff --git a/PVE/Service/spiceproxy.pm b/PVE/Service/spiceproxy.pm
> index f8e06b60..24be0ed7 100755
> --- a/PVE/Service/spiceproxy.pm
> +++ b/PVE/Service/spiceproxy.pm
> @@ -39,8 +39,8 @@ sub init {
>       my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
>   	die "unable to open lock file '${accept_lock_fn}' - $!\n";
>   
> -    my $family = PVE::Tools::get_host_address_family($self->{nodename});
> -    my $socket = $self->create_reusable_socket(3128, undef, $family);
> +    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
> +    my $socket = $self->create_reusable_socket(3128, $listen_ip);
>   
>       $self->{server_config} = {
>   	keep_alive => 0,
> 

Re: [pve-devel] [PATCH v3 manager 2/3] proxy: allow setting LISTEN_IP for pveproxy and spiceproxy

[Oguz Bektas]

On Wed, Mar 24, 2021 at 09:37:35AM +0100, Fabian Ebner wrote:
> After these first two patches, the default behavior is different:
> Previously, it would only listen for either IPv4 or IPv6 (depending on what
> get_host_address_family would return), while now it listens for both. Not
> sure if that's a problem though?

this was the recommended approach pointed out by thomas in response to
the last patches (to make it the same as PBS, which listens on wildcard
interface by default). so this was intended


> 
> Am 22.03.21 um 15:00 schrieb Oguz Bektas:
> > the $host variable is set to "::0" by default to listen on wildcard
> > (with 'Domain' => PF_INET6).
> > 
> > if 'LISTEN_IP' is defined in /etc/default/pveproxy, that IP will be used
> > instead.
> > 
> > Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
> > ---
> >   PVE/Service/pveproxy.pm   | 4 ++--
> >   PVE/Service/spiceproxy.pm | 4 ++--
> >   2 files changed, 4 insertions(+), 4 deletions(-)
> > 
> > diff --git a/PVE/Service/pveproxy.pm b/PVE/Service/pveproxy.pm
> > index 571a6bf5..4ecd442a 100755
> > --- a/PVE/Service/pveproxy.pm
> > +++ b/PVE/Service/pveproxy.pm
> > @@ -69,8 +69,8 @@ sub init {
> >       my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
> >   	die "unable to open lock file '${accept_lock_fn}' - $!\n";
> > -    my $family = PVE::Tools::get_host_address_family($self->{nodename});
> > -    my $socket = $self->create_reusable_socket(8006, undef, $family);
> > +    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
> > +    my $socket = $self->create_reusable_socket(8006, $listen_ip);
> >       my $dirs = {};
> > diff --git a/PVE/Service/spiceproxy.pm b/PVE/Service/spiceproxy.pm
> > index f8e06b60..24be0ed7 100755
> > --- a/PVE/Service/spiceproxy.pm
> > +++ b/PVE/Service/spiceproxy.pm
> > @@ -39,8 +39,8 @@ sub init {
> >       my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
> >   	die "unable to open lock file '${accept_lock_fn}' - $!\n";
> > -    my $family = PVE::Tools::get_host_address_family($self->{nodename});
> > -    my $socket = $self->create_reusable_socket(3128, undef, $family);
> > +    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
> > +    my $socket = $self->create_reusable_socket(3128, $listen_ip);
> >       $self->{server_config} = {
> >   	keep_alive => 0,
> > 

Re: [pve-devel] [PATCH v3 common 1/3] daemon: listen also on ipv6

[Oguz Bektas]

On Wed, Mar 24, 2021 at 09:37:03AM +0100, Fabian Ebner wrote:
> Note that for pmgproxy this is still called this with (8006, undef,
> $family). Did you ensure that this is backwards-compatible? Otherwise this
> needs versioned breaks and the call for pmgproxy needs to be adapted too.

it seems to be backwards compatible

i did the following now to test:

1. update pmg to latest
2. install .deb of libpve-common-perl with my change
3. systemctl restart pmgproxy

and it worked still as expected (with no behavior change).




> 
> Am 22.03.21 um 15:00 schrieb Oguz Bektas:
> > see [0]
> > when we set 'Domain' to PF_INET6 by default, it will prefer IPv6. since
> > we don't set 'V6Only' it will also listen on IPv4 interfaces.
> > 
> > 'Family' parameter isn't needed anymore.
> > 
> > this change depends on the changes in pve-manager and pve-http-server to
> > work correctly.
> > 
> > [0]:
> > https://perldoc.perl.org/IO::Socket::IP#REPLACING-IO::Socket-DEFAULT-BEHAVIOUR
> > 
> > Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
> > ---
> >   src/PVE/Daemon.pm | 4 ++--
> >   1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/src/PVE/Daemon.pm b/src/PVE/Daemon.pm
> > index 64f8126..76601d5 100644
> > --- a/src/PVE/Daemon.pm
> > +++ b/src/PVE/Daemon.pm
> > @@ -820,10 +820,10 @@ sub create_reusable_socket {
> >       } else {
> >   	$socket = IO::Socket::IP->new(
> > -	    LocalAddr => $host,
> > +	    Domain => PF_INET6,
> > +	    LocalHost => $host,
> >   	    LocalPort => $port,
> >   	    Listen => SOMAXCONN,
> > -	    Family => $family,
> >   	    Proto  => 'tcp',
> >   	    GetAddrInfoFlags => 0,
> >   	    ReuseAddr => 1) ||
> > 

Re: [pve-devel] [PATCH v3 common 1/3] daemon: listen also on ipv6

[Fabian Ebner]

Am 24.03.21 um 11:38 schrieb Oguz Bektas:
> On Wed, Mar 24, 2021 at 09:37:03AM +0100, Fabian Ebner wrote:
>> Note that for pmgproxy this is still called this with (8006, undef,
>> $family). Did you ensure that this is backwards-compatible? Otherwise this
>> needs versioned breaks and the call for pmgproxy needs to be adapted too.
> 
> it seems to be backwards compatible
> 
> i did the following now to test:
> 
> 1. update pmg to latest
> 2. install .deb of libpve-common-perl with my change
> 3. systemctl restart pmgproxy
> 
> and it worked still as expected (with no behavior change).
> 

Great, just wanted to make sure.

As a follow-up (or in case there's another version), please remove the 
now unused $family parameter, and it probably also makes sense to adapt 
pmgproxy to use the new LISTEN_IP if defined in its config.

> 
> 
>>
>> Am 22.03.21 um 15:00 schrieb Oguz Bektas:
>>> see [0]
>>> when we set 'Domain' to PF_INET6 by default, it will prefer IPv6. since
>>> we don't set 'V6Only' it will also listen on IPv4 interfaces.
>>>
>>> 'Family' parameter isn't needed anymore.
>>>
>>> this change depends on the changes in pve-manager and pve-http-server to
>>> work correctly.
>>>
>>> [0]:
>>> https://perldoc.perl.org/IO::Socket::IP#REPLACING-IO::Socket-DEFAULT-BEHAVIOUR
>>>
>>> Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
>>> ---
>>>    src/PVE/Daemon.pm | 4 ++--
>>>    1 file changed, 2 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/src/PVE/Daemon.pm b/src/PVE/Daemon.pm
>>> index 64f8126..76601d5 100644
>>> --- a/src/PVE/Daemon.pm
>>> +++ b/src/PVE/Daemon.pm
>>> @@ -820,10 +820,10 @@ sub create_reusable_socket {
>>>        } else {
>>>    	$socket = IO::Socket::IP->new(
>>> -	    LocalAddr => $host,
>>> +	    Domain => PF_INET6,
>>> +	    LocalHost => $host,
>>>    	    LocalPort => $port,
>>>    	    Listen => SOMAXCONN,
>>> -	    Family => $family,
>>>    	    Proto  => 'tcp',
>>>    	    GetAddrInfoFlags => 0,
>>>    	    ReuseAddr => 1) ||
>>>

[pve-devel] [PATCH pmg-api] pmgproxy: allow setting LISTEN_IP parameter

[Oguz Bektas]

LISTEN_IP is defined in /etc/default/pmgproxy.

this depends on the changes in pve-common and pve-http-server (#2997)


Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
---
 src/PMG/Service/pmgproxy.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/PMG/Service/pmgproxy.pm b/src/PMG/Service/pmgproxy.pm
index b2fdc69..11cefe8 100755
--- a/src/PMG/Service/pmgproxy.pm
+++ b/src/PMG/Service/pmgproxy.pm
@@ -64,8 +64,8 @@ sub init {
     my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
 	die "unable to open lock file '${accept_lock_fn}' - $!\n";
 
-    my $family = PVE::Tools::get_host_address_family($self->{nodename});
-    my $socket = $self->create_reusable_socket(8006, undef, $family);
+    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
+    my $socket = $self->create_reusable_socket(8006, $listen_ip);
 
     my $dirs = {};
 
-- 
2.20.1

[pve-devel] [PATCH v4 common 1/3] daemon: listen also on ipv6

[Oguz Bektas]

see [0]
when we set 'Domain' to PF_INET6 by default, it will prefer IPv6. since
we don't set 'V6Only' it will also listen on IPv4 interfaces.

'Family' parameter isn't needed anymore.

this change depends on the changes in pve-manager and pve-http-server to
work correctly.

[0]:
https://perldoc.perl.org/IO::Socket::IP#REPLACING-IO::Socket-DEFAULT-BEHAVIOUR

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
---
v3->v4:
* remove $family parameter

 src/PVE/Daemon.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/PVE/Daemon.pm b/src/PVE/Daemon.pm
index 64f8126..905635a 100644
--- a/src/PVE/Daemon.pm
+++ b/src/PVE/Daemon.pm
@@ -799,7 +799,7 @@ sub register_status_command {
 # some useful helper
 
 sub create_reusable_socket {
-    my ($self, $port, $host, $family) = @_;
+    my ($self, $port, $host) = @_;
 
     die "no port specifed" if !$port;
 
@@ -820,10 +820,10 @@ sub create_reusable_socket {
     } else {
 
 	$socket = IO::Socket::IP->new(
-	    LocalAddr => $host,
+	    Domain => PF_INET6,
+	    LocalHost => $host,
 	    LocalPort => $port,
 	    Listen => SOMAXCONN,
-	    Family => $family,
 	    Proto  => 'tcp',
 	    GetAddrInfoFlags => 0,
 	    ReuseAddr => 1) ||
-- 
2.20.1

[pve-devel] applied: [PATCH v3 http-server 3/3] utils: add LISTEN_IP option in /etc/default/pveproxy

[Thomas Lamprecht]

On 22.03.21 15:00, Oguz Bektas wrote:
> to allow setting arbitrary IP address to listen on
> 
> Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
> ---
>  PVE/APIServer/Utils.pm | 3 +++
>  1 file changed, 3 insertions(+)
> 
>

applied, thanks!

[pve-devel] applied: [PATCH v4 common 1/3] daemon: listen also on ipv6

[Thomas Lamprecht]

On 24.03.21 14:20, Oguz Bektas wrote:
> see [0]
> when we set 'Domain' to PF_INET6 by default, it will prefer IPv6. since
> we don't set 'V6Only' it will also listen on IPv4 interfaces.
> 
> 'Family' parameter isn't needed anymore.
> 
> this change depends on the changes in pve-manager and pve-http-server to
> work correctly.
> 
> [0]:
> https://perldoc.perl.org/IO::Socket::IP#REPLACING-IO::Socket-DEFAULT-BEHAVIOUR
> 
> Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
> ---
> v3->v4:
> * remove $family parameter
> 
>  src/PVE/Daemon.pm | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
>

applied, thanks!

but please do not send new patch versions to a sub-thread with in-reply-to, that's
in general just easier to overlook and thus get lost and harder to piece together
a series on applying.

General note: the pveproxy needs to be restarted, not reloaded, for this change
to be applied. Was a bit thrown off by that, as installing this and the updated
pve-manager package only triggered a reload and the process kept listening on the
"old" local address (0.0.0.0:8006) vs. the always-correct™ *:8006 one