2.9p2: sshd -6, port fwd of ipv4 fails

Pekka Savola pekkas at netcore.fi
Sat Sep 15 20:21:14 EST 2001


I tested this on the newest snapshot without '--with-ipv4-default', and
started sshd with just 'sshd', and port forwarding of IPv4 worked.

So it seems "the problem" appears to have been that '-6' doesn't like
forwarding through mapped addresses (different situation in OpenBSD and
the rest of the world, as OpenBSD disallows using mapped addresses
in these circumstances altogether).

On Mon, 23 Jul 2001, Pekka Savola wrote:
> Running openssh-2.9p2 on Linux.
>
> If server is run with 'sshd -6' (to enable ipv6 easily on server end), i.e.
> all IPv4 are represented as mapped addresses, port forwarding will not
> work; just running plain ol' IPv4 fixes this of course.
>
> The server error, when forwarding from the client '143:localhost:143' and
> connecting to localhost 143 is:
>
> debug1: server_input_channel_open: ctype direct-tcpip rchan 1 win 20480 max 2048
> debug1: server_request_direct_tcpip: originator 127.0.0.1 port 1340, target 127.0.0.1 port 143
> connect_to 127.0.0.1: unknown host (Address family for hostname not supported)
> debug1: server_input_channel_open: failure direct-tcpip
>
> The problem is that the connecting clients might not know a thing about
> IPv6, so it wouldn't even be possible to forward something like
> '143/::127.0.0.1/143', I suspect.
>
> So it might appear sshd -6 is not entirely "safe" if you want to forward
> ports w/ ipv4?
>
> I wonder if this would work properly on systems that do double bind, i.e.
> separate ipv4 and ipv6 socket.  At least 2.5.2pX on FreeBSD appeared to
> have some problems, but didn't go too much into detail there.
>
>

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords
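
The resolver error in the quoted debug log can be reproduced outside sshd. This is an added example, not part of the original post and not OpenSSH code; it assumes that '-6' makes the forwarder resolve the target with the address family restricted to AF_INET6, and resolve_target is a hypothetical helper.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Resolve a numeric forward target the way a daemon pinned to one address
 * family would (assumption about what '-6' does; hypothetical helper, not
 * an OpenSSH function). Returns the getaddrinfo()/getnameinfo() code, 0 on
 * success, and writes the first resolved address as text to out. */
int resolve_target(const char *host, const char *port, int family,
                   int extra_flags, char *out, size_t outlen)
{
    struct addrinfo hints, *res = NULL;
    int rc;

    if (outlen > 0)
        out[0] = '\0';
    memset(&hints, 0, sizeof(hints));
    hints.ai_family = family;
    hints.ai_socktype = SOCK_STREAM;
    /* Numeric only: no DNS or services lookup, so this runs offline. */
    hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV | extra_flags;

    rc = getaddrinfo(host, port, &hints, &res);
    if (rc != 0)
        return rc;
    rc = getnameinfo(res->ai_addr, res->ai_addrlen, out, (socklen_t)outlen,
                     NULL, 0, NI_NUMERICHOST);
    freeaddrinfo(res);
    return rc;
}

int main(void)
{
    char buf[INET6_ADDRSTRLEN];
    int rc;

    /* Target taken from the debug log above: 127.0.0.1 port 143. */
    rc = resolve_target("127.0.0.1", "143", AF_INET6, 0, buf, sizeof(buf));
    printf("AF_INET6 only:          %s\n", rc ? gai_strerror(rc) : buf);
    rc = resolve_target("127.0.0.1", "143", AF_INET6, AI_V4MAPPED, buf, sizeof(buf));
    printf("AF_INET6 + AI_V4MAPPED: %s\n", rc ? gai_strerror(rc) : buf);
    rc = resolve_target("127.0.0.1", "143", AF_UNSPEC, 0, buf, sizeof(buf));
    printf("AF_UNSPEC:              %s\n", rc ? gai_strerror(rc) : buf);
    return 0;
}
```

On glibc the first call fails with the same "Address family for hostname not supported" text seen in the log, while the AI_V4MAPPED and AF_UNSPEC lookups succeed for the same IPv4 literal.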




More information about the openssh-unix-dev mailing list