You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Brad Saxton <bs...@brocku.ca> on 2022/01/04 18:56:47 UTC

Upgrade forces IPv6?

●●●●●●●●●●●●●●●●
Just in case someone has an answer for this or runs into the same problem.

I upgraded a working instance of 1.3.0 to 1.4.0. Recompiled and installed guacd. Removed old extensions and copied the 1.4.0 versions in their place. Replaced the guacamole.war file and remove the old guacamole webapps directory. Started tomcat and guacd.

Logging in to the web interface works and available connections are shown (ssh in my case). Attempts to use any connections results in an internal error. Log shows:

     ERROR o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: java.net.ConnectException: Connection refused (Connection refused)

Things are configured (same as before - no changes to config files) to have guacd run on the standard port 4822 and guacd is definitely listening on that port BUT as it turns out, it is only listening on the IPv6 interface.

If I completely disable IPv6, which on Red Hat 7 is done with adding to the end of /etc/sysctl.conf:
   net.ipv6.conf.all.disable_ipv6 = 1
   net.ipv6.conf.default.disable_ipv6 = 1

and rebooting.

Now things work since guacd now binds to the IPv4 interface.

Any chance there is a configuration setting to force binding to IPv4 even if IPv6 is available?

Thanks
Brad


--

Brad Saxton
Senior System Administrator
Infrastructure Team
Brock University | Information Technology Services
Niagara Region | 1812 Sir Isaac Brock Way | St. Catharines, ON, Canada L2S 3A1
brocku.ca | T 905-688-5550 x4761 | F 905-688-4191

Re: Upgrade forces IPv6?

Posted by "Hankins, Jonathan" <jh...@homewood.k12.al.us>.
I ran into this. On my system (debian) there are 2 entries for localhost in
/etc/hosts, one with 127.0.0.1 and one with ::1. I had no guacd.conf file.
My guacamole.properties had guacd-hostname set to "localhost". The sysctl
for ipv6 bindv6only was at the default of 0 (false).

My connections had "localhost" under the guacd proxy settings.

Guacd was apparently resolving localhost as ::1 but the web app was trying
to connect to ":ffff:127.0.0.1" which would fail since guacd was not
binding to 127.0.0.1.

I believe this is related to the changes from GUACAMOLE-1190, but I have
seen someone else ask about it on the list and I suspect others are hitting
this too. We don't use IPv6 (at least, not intentionally) so I wasn't up to
speed on things, and it caught me by surprise and took me a while to
un-confuse myself.

The solution that worked for me was setting guacd-hostname to 127.0.0.1 in
guacamole.properties, bind_host to 127.0.0.1 in guacd.conf, and leaving my
connections set to "localhost". I'm on tomcat9 and I suspect there's
something at play there that's causing guacd to resolve localhost to ::1
but the tunnel code in the web app to resolve it to 127.0.0.1, at least on
my system.

On Tue, Jan 4, 2022, 12:57 PM Brad Saxton <bs...@brocku.ca> wrote:

> ●●●●●●●●●●●●●●●●
> Just in case someone has an answer for this or runs into the same problem.
>
> I upgraded a working instance of 1.3.0 to 1.4.0. Recompiled and installed
> guacd. Removed old extensions and copied the 1.4.0 versions in their place.
> Replaced the guacamole.war file and remove the old guacamole webapps
> directory. Started tomcat and guacd.
>
> Logging in to the web interface works and available connections are shown
> (ssh in my case). Attempts to use any connections results in an internal
> error. Log shows:
>
>      ERROR o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request
> failed: java.net.ConnectException: Connection refused (Connection refused)
>
> Things are configured (same as before - no changes to config files) to
> have guacd run on the standard port 4822 and guacd is definitely listening
> on that port BUT as it turns out, it is only listening on the IPv6
> interface.
>
> If I completely disable IPv6, which on Red Hat 7 is done with adding to
> the end of /etc/sysctl.conf:
>    net.ipv6.conf.all.disable_ipv6 = 1
>    net.ipv6.conf.default.disable_ipv6 = 1
>
> and rebooting.
>
> Now things work since guacd now binds to the IPv4 interface.
>
> Any chance there is a configuration setting to force binding to IPv4 even
> if IPv6 is available?
>
> Thanks
> Brad
>
>
> --
>
> Brad Saxton
> Senior System Administrator
> Infrastructure Team
> Brock University | Information Technology Services
> Niagara Region | 1812 Sir Isaac Brock Way | St. Catharines, ON, Canada
> L2S 3A1
> brocku.ca | T 905-688-5550 x4761 | F 905-688-4191
>

-- 
This e-mail is intended only for the recipient and may contain confidential 
or proprietary information. If you are not the intended recipient, the 
review, distribution, duplication or retention of this message and its 
attachments are prohibited. Please notify the sender of this error 
immediately by reply e-mail, and permanently delete this message and its 
attachments in any form in which they may have been preserved.