[Tip of the Day] getaddrinfo is not just for IPv6

[Lucian Adrian Grijincu <lu...@avira.com>]

From http://udrepper.livejournal.com/16116.html :


/*getaddrinfo is not just for IPv6*/

I've heard far too often that getaddrinfo is only interesting for IPv6
and therefore can be ignored since one does not have IPv6.

Aside from the fact that all programs should be protocol independent
this statement is bogus. gethostbyname etc do not perform correctly in
some situations where only ever IPv4 is involved.

Assume you have an internal IPv4 network with, say, 192.168.x.y
addresses. In addition you have a server (web server, for instance)
which is also visible on the Internet. This server has two addresses:
one 192.168.x.y address and one global address. The client is a NATed
machine on the intranet.

Now what happens if the nameserver returns both addresses to a query for
the addresses of said server? With gethostbyname the addresses are
returned to the caller in the order they are received from the DNS
server. Maybe some randomization is applied. In short, it is possible
that the internal machine gets sees the public IPv4 address and then
connects to it. This is not only wasteful (the request has to be routed
through a switch), it might even be dangerous (the traffic might
actually have to go through the Internet).

With getaddrinfo this is not the case. The sorting according to RFC 3484
makes sure that the internal address of the server is returned first.
The sorting function will notice that the source address used on the
client is also an internal address and therefore the internal address of
the server is a better match than the global address.

In summary, gethostbyaddr is not only about IPv6. The old interfaces
were simply completely inadequate and should never be used. If you
/still/ haven't converted your programs to use getaddrinfo instead of
gethostbyname and gethostbyname2 do it now. I have written some time ago
a brief intro <http://people.redhat.com/drepper/userapi-ipv6.html>.

-- 
Best regards,

Lucian Adrian Grijincu
Software Developer
Avira Soft srl

lucian.grijincu@avira.com
http://www.avira.com
-----------------------------------------------------------
DISCLAIMER: This message is confidential. It may also be
privileged or otherwise protected by work product immunity
or other legal rules. If you have received it by mistake
please let us know by reply and then delete it from your
system; you should not copy the message or disclose its
contents to anyone.
-----------------------------------------------------------

Re: [Tip of the Day] getaddrinfo is not just for IPv6

[Colm MacCarthaigh <co...@stdlib.net>]

On Wed, Mar 07, 2007 at 12:28:48PM +0200, Lucian Adrian Grijincu wrote:
> I appologise about that, the mail was supposed to go to another
> dev@domain.tld mailing list.

For what it's worth APR's wrappers around getaddrinfo and getnameinfo
are an excellent source of oducmentation on the real-world
implementation bugs. We've added work-arounds for the various problems
on some versions of OS X, Tru64 and more.

In particular, reverse-lookups for IPv4-mapped-IPv6 addresses greatly
benefit from the hack to pretend that they were just IPv4 addresses all
along. There are still shipping OS's which don't get that right.

-- 
Colm MacCárthaigh                        Public Key: colm+pgp@stdlib.net

Re: [Tip of the Day] getaddrinfo is not just for IPv6

[Lucian Adrian Grijincu <lu...@avira.com>]

I appologise about that, the mail was supposed to go to another
dev@domain.tld mailing list.

Sorry for the disturbance,

Lucian Adrian Grijincu