Discussion:
Relayd and ipv6
(too old to reply)
Scott Seekamp
2018-04-10 17:57:18 UTC
Permalink
Raw Message
Hello!

I’m setting up Relayd for a few services in my lab as a test bed and couldn’t find answers in the docs on expected behavior.

Is it better/worse/no difference to split ip4 from ip6 redirects and relays:

Combined:
redirect "ldap" {
listen on $ext_addr port 389
listen on $ext_v6 port 389

forward to <ldaphosts> check tcp
}


Split:
redirect "smtprelay4" {
listen on $ext_addr port 25

forward to <relayhosts4> check tcp
}

redirect "smtprelay6" {
listen on $ext_v6 port 25

forward to <relayhosts6> check tcp
}


Does it depend on whether it’s a relay or redirect?

My pf rules end looking like this for the redirects:

anchor "ldap" all {
pass in quick on rdomain 0 inet6 proto tcp from any to “ip6 addr" port = 389 flags S/SA keep state (tcp.established 600) rdr-to <ldap> port 389 round-robin
pass in quick on rdomain 0 inet proto tcp from any to “ip4 addr" port = 389 flags S/SA keep state (tcp.established 600) rdr-to <ldap> port 389 round-robin
}

with the <ldap> table containing both the ip4 and ip6 address.


Thanks!
Scott

Loading...