Ask Your Question

puppet v4: ipv4 and ipv6

asked 2016-10-16 23:58:30 -0600

cm01 gravatar image

Hi Guys,
I'm trying to understand the following on my v4 puppetmaster (2.4.0/4.5.0)

eth0      Link encap:Ethernet  HWaddr 52:54:00:D5:E5:04  
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::5054:ff:fed5:e504/64 Scope:Link

netstat -tanp|grep 8140
tcp        0      0 :::8140                     :::*                        LISTEN      13045/java          
tcp        0      0 ::ffff:    ::ffff:   TIME_WAIT   -       

Facter -p gives
eth0 => {
  bindings => [
      address => "",
      netmask => "",
      network => ""
  bindings6 => [
      address => "fe80::5054:ff:fed5:e504",
      netmask => "ffff:ffff:ffff:ffff::",
      network => "fe80::"

nmap -6 -p8140 -P0
Starting Nmap 5.51 ( ) at 2016-10-17 04:51 UTC
Failed to resolve given IPv6 hostname/IP:

nmap  -p8140 -P0
Starting Nmap 5.51 ( ) at 2016-10-17 04:52 UTC
Nmap scan report for puppetmaster.ops.x.ycom (
Host is up (0.000026s latency).
8140/tcp open  unknown

So, nestat says it listens only in ipv6, nmap says only ipv4 and afaik, our internal network is only guaranteed for ipv4.
It works just fine serving client nodes..

What I want to know is what is going on? Is it ipv4, or ipv6, or both ???


edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2016-10-17 03:53:36 -0600

FranzCC gravatar image

Hi, linux reports ipv6 before ipv4.
But the binding is on "*", it means bind on all protocols.<bra check="" the="" output="" of="" lsof:<="" p="">

lsof -n -i|grep 8140|grep -i listen


java 20766 pe-puppet 152u IPv6 29951257 0t0 TCP *:8140 (LISTEN)

Rgds. Franz

edit flag offensive delete link more


Hi, I think I understand what you mean: its a dual use socket that looks like its on ipv6 (netstat, lsof)), but really on ipv4 (eg see nmap).
Is there a reference that states that anywhere? I've tried google but no luck so far.
Is this a Java socket thing?


cm01 gravatar imagecm01 ( 2016-10-17 18:48:31 -0600 )edit

That is logic. You can't disable ipv4 ;-)
So, all these programs access their data via procfs via fdinfo.
It is logically higher when reading the filedescriptors.
It's trivial, if you don't need ipv6, simply disable it.
Rgds. Franz

FranzCC gravatar imageFranzCC ( 2016-10-18 00:15:00 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2016-10-16 23:58:30 -0600

Seen: 1,038 times

Last updated: Oct 17 '16