Bind to all interfaces for IPv4 and IPv6 in haproxy
I want to configure haproxy to bind to a tcp
as well as tcp6
socket on all interfaces (i.e., 0.0.0.0:80
and :::80
).
I was able to reach this goal with the following settings:
listen web
bind :80 v4v6
bind :::80 v6only
Is there any shorter way than this?
While I expect it to behave different, the v4v6
keyword makes haproxy bind to a v4 socket only.
To listen on the same port for IPv6 and IPv4, use this:
bind :::80 v4v6
Admittedly, this was an intuitive guess that appears to have been correct... but rather than just post a "lucky" guess as the answer, even though it works, it seems like I should justify it.
the v4v6 keyword makes haproxy bind to a v4 socket only.
My first intuition was that it's not v4v6
but rather the use of :80
(or, more precisely, the use of no IP address at all, just a port number) that causes this socket to listen on IPv4 only.
This seems to be confirmed in the docs for bind
:
address
is optional and can be a host name, an IPv4 address, an IPv6 address, or'*'
. It designates the address the frontend will listen on. If unset, all IPv4 addresses of the system will be-listened on. The same will apply for'*'
or the system's special address "0.0.0.0
". The IPv6 equivalent is '::'.http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#4.2-bind (emphasis added)
So the following three forms are all equivalent, and are all interpreted as being IPv4 by HAProxy:
bind :80
bind *:80
bind 0.0.0.0:80
Next, there is one sentence in the docs for v4v6
could be read in isolation to indicate that v4v6
might be usable to extend one of the above bind statements to listen on IPv6...
v4v6
It is used to bind a socket to both IPv4 and IPv6 when it uses the default address.
...hmmm, but I suspect that this actually means "the v6 default address" (::
)...
Doing so is sometimes necessary on systems which bind to IPv6 only by default.
...and now, I suspect it even more...
It has no effect on non-IPv6 sockets, and is overridden by the
v6only
option.http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#5.1
So, it appears that v4v6
only modifies bind
directives that specify the IPv6 default listen address, which is ::
(the 3rd :
is the separator between the address and the port), and is ignored for others.
The accepted answer does not work for me, at least with haproxy-1.6.11p0 on OpenBSD. Also, TL;DR. Just do:
bind 0.0.0.0:80
bind :::80
and it will work:
# netstat -an|grep "*.80"
tcp 0 0 *.80 *.* LISTEN
tcp6 0 0 *.80 *.* LISTEN
I know im late to the party. Im not allowed to comment so i had to add this answer.
I just wanted to add if you dont like the way the triple colons ::: look
bind :::80
You can always enclose IPv6 address in brackets.
bind [::]:80