HTTPD listening in IPv6, according to netstat, but reachable in IPv4


Using OpenStack, I have a Web GUI (Horizon) hosted on my server (HTTPS).

When I do a netstat -lt | grep https, I have:

tcp6       0      0 [::]:https              [::]:*                  LISTEN

With lsof -i :443, I have:

COMMAND   PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
httpd    5250   root    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   17675 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   17676 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   17677 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   17678 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   17679 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   17680 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   17681 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   17682 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)
httpd   27444 apache    6u  IPv6  27390      0t0  TCP *:https (LISTEN)

However, the server is reachable in IPv4. It's OK for me, but I wonder why there is not an entry in netstat like this:

tcp       0      0 0.0.0.0:https              0.0.0.0:*                  LISTEN

Best Answer

I believe that on Linux, binding to [::] (IPv6) results in receiving both IPv6 and IPv4 traffic (by default). I believe these are referred to as IPv4-mapped IPv6 addresses. netstat simply shows the IPv6 entry only, because there's technically only a single bind, that happens to support both IPv4 and IPv6.

There's a bit of information on the Apache site.

It's possible for software to not use IPv4-mapped IPv6 addresses and bind to both 0.0.0.0 and [::] separately and hence show up twice in netstat, but it's a design choice on the part of the developers.
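The behaviour described in the answer can be checked directly. The following is an added example, not part of the original answer: it binds a single AF_INET6 socket to [::] and tries to reach it over IPv4, once dual-stack and once with the standard IPV6_V6ONLY socket option set. The function name is an assumption made for this sketch; it matters to a defender because a listener shown only as tcp6 is still exposed to IPv4 clients, whose addresses the server sees in ::ffff:a.b.c.d form.

```python
import socket

def ipv4_reaches_v6_listener(v6only):
    """Bind one AF_INET6 socket to [::] and try to connect to it over IPv4.

    Returns (connected, peer_address_seen_by_server),
    or None if this host cannot create or bind an IPv6 socket.
    """
    try:
        srv = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
    except OSError:
        return None
    with srv:
        # 0 = dual-stack (also accepts IPv4 as IPv4-mapped IPv6 addresses),
        # 1 = IPv6 only. On Linux the default comes from net.ipv6.bindv6only.
        srv.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, int(v6only))
        try:
            srv.bind(("::", 0))          # port 0: kernel picks a free port
        except OSError:
            return None
        srv.listen(1)
        srv.settimeout(2)
        port = srv.getsockname()[1]

        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
            cli.settimeout(2)
            try:
                cli.connect(("127.0.0.1", port))   # plain IPv4 client
            except OSError:
                return (False, None)     # nothing is listening on IPv4
            conn, peer = srv.accept()
            conn.close()
            return (True, peer[0])       # address as the server sees it

if __name__ == "__main__":
    for flag in (False, True):
        print("IPV6_V6ONLY =", int(flag), "->", ipv4_reaches_v6_listener(flag))
```

In both runs netstat would list only one tcp6 entry for the socket, so IPv4 firewall rules and address-based access lists still apply to a service that appears to be IPv6-only.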