IPv6 and localhost
Wolfgang S. Rupprecht
wolfgang.rupprecht+gnus200901 at gmail.com
Sat Jan 31 01:38:14 UTC 2009
Bill Davidsen <davidsen at tmr.com> writes:
> Wolfgang S. Rupprecht wrote:
>> Allen Kistler <an037-ooai8 at yahoo.com> writes:
>>> So the question really is: Is there a reason localhost is not both
>>> the IPv4 loopback and the IPv6 loopback (*other* than hiding some bugs
>>> in some programs)? Or should Fedora (and eventually Red Hat) change
>>> the default /etc/hosts shipped/created with anaconda?
>> One of the first things I do on an install is get rid of the lame
>> distribution /etc/hosts file. I've done this since fc4 and fedora,
>> just like netbsd and openbsd has no need for the silly targeted
>> localhost names. The other silly thing is the "localhost.localdomain"
>> entry coming first. Really, what is that about??? "localhost" has
>> worked just fine for over 2 decades. Software understands it. What
>> advantage is there to rocking the boat?
> Using the hosts file for the local name and the names of a few useful
> hosts is protection against some fascist ISP deciding to block or DNAT
> all DNS queries to the ISP servers. So they can block lookup of sites
> they deem harmful.
Oh, I guess I wasn't clear. I have a hosts file, I just object to the
silly localhosts entries in the stock fedora one. (Especially the
fact that the silly localhost*.localdomain name is first.)
I've never liked using ISP's nameservers. They never seem to be set
up right and are usually very old and buggy. Luckily I haven't been
subjected to an ISP that blocks or steals port-53. If they did I'd
certainly raise an unholy stink.
As an aside I wonder if stealing and re-transmitting forged 53/udp and
53/tcp packets in a man-in-the-middle attack is the sort of attack the
wiretap laws were meant to protect against. From what I understand,
organized crime used to cut the analog telephone wires tap in and
retransmit their own version of the signal in order perpetrate fraud.
Stealing mouse clicks by re-routing traffic for some hostnames strikes
me as a much milder form of the same fraud.
Wolfgang S. Rupprecht http://www.full-steam.org/ (ipv6-only)
You may need to config 6to4 to see the above pages.
More information about the users