Re: pg_hba.conf change in 7.4 - Mailing list pgsql-general
| From | Seum-Lim Gan |
|---|---|
| Subject | Re: pg_hba.conf change in 7.4 |
| Date | |
| Msg-id | p05100304bbe2abcb91c2@[135.185.171.70] Whole thread Raw |
| In response to | Re: pg_hba.conf change in 7.4 (Bruce Momjian <pgman@candle.pha.pa.us>) |
| Responses |
Re: pg_hba.conf change in 7.4
|
| List | pgsql-general |
Hi Bruce, We are using Sun Solaris 9 on Sparc. uname -a : SunOS test01 5.9 Generic_112233-04 sun4u sparc SUNW,Ultra-80 Gan At 12:29 pm -0500 2003/11/20, Bruce Momjian wrote: >I think what happens is that when we listen on IPv4 and IPv6, that all >connections get IPv6. What OS are you using? > >--------------------------------------------------------------------------- > >Seum-Lim Gan wrote: >> Hi Bruce, >> >> Thanks for the info. >> I captured the netstat output below. >> >> Looks like there is a bunch of IPv4 being used. >> >> Any idea how this can be resolved ? >> >> Thanks. >> >> Gan >> >> UDP: IPv6 >> Local Address Remote Address >> State If >> --------------------------------- --------------------------------- >> ---------- ----- >> localhost.35847 localhost.35847 >>Connected >> >> TCP: IPv4 >> Local Address Remote Address Swind Send-Q Rwind Recv-Q State >> -------------------- -------------------- ----- ------ ----- ------ ------- >> localhost.32906 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32906 49152 0 49152 >>0 ESTABLISHED >> localhost.32908 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32908 49152 0 49152 >>0 ESTABLISHED >> localhost.32910 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32910 49152 0 49152 >>0 ESTABLISHED >> localhost.32911 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32911 49152 0 49152 >>0 ESTABLISHED >> localhost.32913 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32913 49152 0 49152 >>0 ESTABLISHED >> localhost.32915 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32915 49152 0 49152 >>0 ESTABLISHED >> localhost.32917 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32917 49152 0 49152 >>0 ESTABLISHED >> localhost.32919 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32919 49152 0 49152 >>0 ESTABLISHED >> localhost.32920 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32920 49152 0 49152 >>0 ESTABLISHED >> localhost.32922 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32922 49152 0 49152 >>0 ESTABLISHED >> localhost.32923 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32923 49152 0 49152 >>0 ESTABLISHED >> localhost.32924 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32924 49152 0 49152 >>0 ESTABLISHED >> localhost.32926 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32926 49152 0 49152 >>0 ESTABLISHED >> localhost.32927 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.32927 49152 0 49152 >>0 ESTABLISHED >> localhost.33086 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.33086 49152 0 49152 >>0 ESTABLISHED >> localhost.33087 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.33087 49152 0 49152 >>0 ESTABLISHED >> localhost.50882 localhost.14502 49152 0 49152 >>0 ESTABLISHED >> localhost.14502 localhost.50882 49152 0 49152 >>0 ESTABLISHED >> localhost.50883 localhost.14500 49152 0 49152 >>0 ESTABLISHED >> localhost.14500 localhost.50883 49152 0 49152 >>0 ESTABLISHED > > >> At 12:11 pm -0500 2003/11/20, Bruce Momjian wrote: >> >Seum-Lim Gan wrote: >> >> Hi, >> >> >> >> In 7.4, I noticed there is this ::1 and ffff: (x8 of them) >> >> for IPv6. >> >> >> >> I looked at the documentation and there is nothing that says >> >> what the ::1 is for. >> > >> >The ::1 is a IPv6 shorthand for 127.0.0.1 (localhost). >> > >> >> Commenting out that line will prevent access to PostgreSQL >> >> from psql unless I put trust for that line. >> >> >> >> This is what I had in 7.3.4: >> >> host all all 127.0.0.1 255.255.255.255 >> > > ident pspmap >> >> local all all >>password >> >> host all all 0.0.0.0 0.0.0.0 reject >> >> >> >> But in 7.4, it does not work anymore. It seems to want ::1 to >>be somewhere. >> >> If I change the line with ::1 from trust to ident pspmap, it >>complains that >> >> the user cannot be found. But it is in the pspmap. Message fromm psql: >> > >> >Seems you have an OS that makes all connections IPv6, even IPv4 ones. >> >That is why we had to have that line in there. Seems ::1 controls your >> >local connections on that platform. Some platforms have distinct IPv4 >> >and IPv6 connections, so we have to include both lines in the file. >> > >> >> Right now, I have it set to trust to work around. >> >> Any idea what to do about this ? >> >> >> >> host all all 127.0.0.1 255.255.255.255 >> >> ident pspmap >> >> local all all >>password >> >> host all all 0.0.0.0 0.0.0.0 reject >> >> # IPv4-style local connections: >> >> #host all all 127.0.0.1 >>255.255.255.255 trust >> >> # IPv6-style local connections: >> >> host all all ::1 >> >> ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust >> > >> >Yea, that's about it. My guess is that nothing is coming in via IPv4 on >> >your machine so 127.0.0.1 does nothing. Perhaps netstat will show the > > >IP address family used. -- +--------------------------------------------------------+ | Seum-Lim GAN email : slgan@lucent.com | | Lucent Technologies | | 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 | | Naperville, IL 60566, USA. fax : (630)-713-7272 | | web : http://inuweb.ih.lucent.com/~slgan | +--------------------------------------------------------+
pgsql-general by date: