[leafnode-list] IPv6 and local network

[M G Berberich]

Hello,

lefnode.conf says:

    An IPv6 address is considered local if it is site-local,
    link-local or the loopback address (::1).

This does not work for a site with global IPv6-Adresses, as the
server-name resolvs to a address with scope global.

For ipV4 there holds:

    An IPv4 address is considered local if it is within the networks
    (IP/netmask) of the local interfaces.

Why does this not hold for IPv6-addresses too?

Example:

server IPv6-config is:

    # ip -6 addr show eth0
    2: eth0: …
	inet6 2001:4ca0:107:20::23/64 scope global
	   valid_lft forever preferred_lft forever
	inet6 …
	inet6 …

client tries to access and is refused access:

   leafnode[23910]: connect from 2001:4ca0:107:20::15 (2001:4ca0:107:20::15)
   leafnode[23910]: connect from luthien.forwiss.uni-passau.de (2001:4ca0:107:20::15) to manwe.forwiss.uni-passau.de (2001:4ca0:107:20::23) (my fqdn: manwe.forwiss.uni-passau.de)
   leafnode[23910]: Denying access from address outside the local networks. (Check config.example.)

even 2001:4ca0:107:20::23/64 is a local network.

	MfG
	bmg

-- 
„Des is völlig wurscht, was heut beschlos- | M G Berberich
 sen wird: I bin sowieso dagegn!“          | berberic at fmi.uni-passau.de
(SPD-Stadtrat Kurt Schindler; Regensburg)  | www.fmi.uni-passau.de/~berberic