ssh forwarding behaviour ipv6 and localhost?

James Wilkinson fedora at aprilcottage.co.uk
Wed Jan 10 18:18:34 UTC 2007


Ian Malone wrote:
> I upgraded to FC6 over the weekend and found that my normal
> port forwarding trick to get Samba access to my home machine
> through a proxy stopped working, before I had something like
> this (running cygwin ssh):
> ssh -L 10.0.0.1:139:atlas:139 ian at 10.0.0.1 -f -N -i somekey
>
> (The strange forwarding from 10.0.0.1 is to overcome the
> fact that Windows will only try this port for Samba. The
> login at 10.0.0.1 is because I have to forward ssh over a proxy).
> But this started giving me connection refused messages.
>
> Trying Putty gave the same result, I also had a go at
> localhost instead to see if I'd done something funny to my
> hostname. No success. However, using 127.0.0.1 explicitly
> works:
>
> ssh -L 10.0.0.1:139:127.0.0.1:139 ian at 10.0.0.1 -f -N -i somekey
>
> Is fine, what I want to know is does this have something to
> do with IPV6?  Either somewhere in samba or in sshd?
>
> $ cat /etc/hosts
> # Do not remove the following line, or various programs
> # that require network functionality will fail.
> ::1     atlas.millroad  atlas   localhost.localdomain   localhost

As you've found, "localhost" by default points at an IPv6 address on
Fedora (the IPv6 equivalent of 127.0.0.1). This works for many things,
but not everything.

A bit of googling suggested:
  Traditionally, Samba and Microsoft Windows have run SMB on top of the
  NetBIOS protocol. On the Internet, NetBIOS can be layered on top of
  TCP and UDP using ports 137, 138, and 139. This is called
  NetBIOS-over-TCP, or NBT for short, and is essentially a giant hack by
  Microsoft to make their old legacy networking protocols run on TCP/IP.
  Since IPv4 addressing is deeply embedded in NBT, it will probably
  never be possible to run NetBIOS on IPv6, but this is probably for the
  best.
  -- http://www.litech.org/samba/

So yes, you're right -- blame IPv6.

Personally, I switched back to an IPv4 alias for localhost almost
immediately.

James.

-- 
E-mail:     james@ | ... in order to work, [Microsoft] Vista's content
aprilcottage.co.uk | protection must be able to violate the laws of physics,
                   | something that's unlikely to happen no matter how much
                   | the content industry wishes it were possible.
                   |     -- Peter Gutmann




More information about the users mailing list