Bind to all interfaces for IPv4 and IPv6 in haproxy

I want to configure haproxy to bind to a tcp as well as tcp6 socket on all interfaces (i.e., 0.0.0.0:80 and :::80).

I was able to reach this goal with the following settings:

listen web
  bind :80 v4v6
  bind :::80 v6only

Is there any shorter way than this?

While I expect it to behave different, the v4v6 keyword makes haproxy bind to a v4 socket only.


To listen on the same port for IPv6 and IPv4, use this:

bind :::80 v4v6

Admittedly, this was an intuitive guess that appears to have been correct... but rather than just post a "lucky" guess as the answer, even though it works, it seems like I should justify it.

the v4v6 keyword makes haproxy bind to a v4 socket only.

My first intuition was that it's not v4v6 but rather the use of :80 (or, more precisely, the use of no IP address at all, just a port number) that causes this socket to listen on IPv4 only.

This seems to be confirmed in the docs for bind:

address is optional and can be a host name, an IPv4 address, an IPv6 address, or '*'. It designates the address the frontend will listen on. If unset, all IPv4 addresses of the system will be-listened on. The same will apply for '*' or the system's special address "0.0.0.0". The IPv6 equivalent is '::'.

http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#4.2-bind (emphasis added)

So the following three forms are all equivalent, and are all interpreted as being IPv4 by HAProxy:

bind :80
bind *:80
bind 0.0.0.0:80

Next, there is one sentence in the docs for v4v6 could be read in isolation to indicate that v4v6 might be usable to extend one of the above bind statements to listen on IPv6...

v4v6

It is used to bind a socket to both IPv4 and IPv6 when it uses the default address.

...hmmm, but I suspect that this actually means "the v6 default address" (::)...

Doing so is sometimes necessary on systems which bind to IPv6 only by default.

...and now, I suspect it even more...

It has no effect on non-IPv6 sockets, and is overridden by the v6only option.

http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#5.1

So, it appears that v4v6 only modifies bind directives that specify the IPv6 default listen address, which is :: (the 3rd : is the separator between the address and the port), and is ignored for others.


The accepted answer does not work for me, at least with haproxy-1.6.11p0 on OpenBSD. Also, TL;DR. Just do:

bind 0.0.0.0:80
bind :::80

and it will work:

# netstat -an|grep "*.80"
tcp          0      0  *.80                   *.*                    LISTEN
tcp6         0      0  *.80                   *.*                    LISTEN

I know im late to the party. Im not allowed to comment so i had to add this answer.

I just wanted to add if you dont like the way the triple colons ::: look

bind :::80

You can always enclose IPv6 address in brackets.

bind [::]:80