X11 forwarding to IPv6 enabled host not working.

Mark Ennis mark.ennis at acm.org
Tue May 9 17:12:57 EST 2006

Darren Tucker wrote:
> On Thu, May 04, 2006 at 05:22:33PM +1000, Mark Ennis wrote:
>> I have been experiencing a problem with using X11 forwarding on an IPv6
>> enabled host (both CentOS 4.3 and Feddora Core 5 in x86) when
>> X11UseLocalhost is off.
>> Having looked at the code and the previous discussion regarding
>> http://bugzilla.mindrot.org/show_bug.cgi?id=164 I think the problem is
>> due to the IPV6_V6ONLY code interacting poorly with the
>> DONT_TRY_OTHER_AF hack. Basically, on current Linux systems which
>> support the IPV6_V6ONLY socket option, the forwarded socket is created
>> for IPV6 only and then the DONT_TRY_OTHER_AF prevents an IPV4 listen
>> socket from also being created. Thus, only forwarding X11 connections
>> over IPV6 are then supported.
>> I would recommend addressing this by changing the DONT_TRY_OTHER_AF hack
>> to apply only where the the IPV6_V6ONLY socket option is not supported.
>> For example:
> Seems reasonable to me, but I don't use IPv6 (for X11 or otherwise).  A
> unified diff for the same patch is below (easier to read).
I don't use IPv6 much either, but the default on the newer RedHat based 
distros seems to enable IPv6 link-local addressing on interfaces 

> Another alternative would be unsetting DONT_TRY_OTHER_AF if IPV6_V6ONLY
> is defined.

If configure can work that out then I agree that would probably be 
better. In fact, I would be inclined to argue that, if a reasonable 
assumption is that systems supporting IPV6_V6ONLY will listen on both 
IPv4 and IPv6 automatically, it would be better not using IPV6_V6ONLY 
and DONT_TRY_OTHER_AF at all and defaulting to the same behaviour as is 
used for setting up port 22 listening, including respecting the -4 and 
-6 command line arguments to sshd.

- Mark.

More information about the openssh-unix-dev mailing list