# [solved] net-ftp/vsftpd: Does not run on IPv4 and IPv6

## _Smash_

Hello.

=net-ftp/vsftpd-3.0.0 and latest stable does not run simultaniously on IPv4 and IPv6.

Config file suggests to run two copies of the daemon.

vsftpd # grep listen ipv4.conf | grep -v "#"

listen=YES

listen_ipv6=NO

vsftpd # grep listen ipv6.conf | grep -v "#"

listen=NO

listen_ipv6=YES

Starting one Daemon works.

/etc/init.d/vsftpd.ipv6 restart

 * Starting vsftpd.ipv6 ... [ ok ]

netstat -lp | grep vsf

tcp6       0      0 [::]:ftp       [::]:*    LISTEN      9734/vsftpd

Starting the second does not.

/etc/init.d/vsftpd.ipv4 start

 * Starting vsftpd.ipv4 ...

500 OOPS: could not bind listening IPv4 socket         [ ok ]

And now vice versa:

/etc/init.d/vsftpd.ipv6 stop

 * Stopping vsftpd.ipv6 ...                           [ ok ]

/etc/init.d/vsftpd.ipv4 restart

 * Stopping vsftpd.ipv4 ...

 * start-stop-daemon: no matching processes found     [ ok ]

 * Starting vsftpd.ipv4 ...                           [ ok ]

netstat -lp | grep vsf

tcp        0      0 *:ftp      *:*        LISTEN      9789/vsftpd

IPv6 socket is not bound, but vsftpd can not bind to it.

/etc/init.d/vsftpd.ipv6 start

 * Starting vsftpd.ipv6 ...                           [ ok ]

500 OOPS: could not bind listening IPv6 socket

Commenting out as suggested in the config file is not valid either.

/etc/init.d/vsftpd.ipv6 start

 * Starting vsftpd.ipv6 ...              [ ok ]

500 OOPS: run two copies of vsftpd for IPv4 and IPv6

It was presumed, that it has to be configured using xinetd, so i did.

xinetd.d # cat vsftpd_ipv4 

service ftp

{

	disable			= no

	socket_type		= stream

	protocol		= tcp

	flags			= IPv4

	wait			= no

	user			= root

	server			= /usr/sbin/vsftpd

	server_args		= /etc/vsftpd/vsftpd.conf -olisten=NO -olisten_ipv6=NO

}

xinetd.d # cat vsftpd_ipv6 

service ftp

{

	disable			= no

	socket_type		= stream

	protocol		= tcp

	flags			= IPv6

	wait			= no

	user			= root

	server			= /usr/sbin/vsftpd

	server_args		= /etc/vsftpd/vsftpd.conf -olisten=NO -olisten_ipv6=NO

}

vsftpd # grep listen  vsftpd.conf | grep -v "#"

listen=NO

listen_ipv6=NO

Apr 13 13:33:39 [start-stop-daemon] pam_unix(start-stop-daemon:session): session opened for user nobody by root(uid=0)

Apr 13 13:33:39 [xinetd] bind failed (Address already in use (errno = 9 :Cool: ). service = ftp

Apr 13 13:33:39 [xinetd] Service ftp failed to start and is deactivated.

Apr 13 13:33:39 [xinetd] xinetd Version 2.3.14 started with libwrap loadavg options compiled in.

Apr 13 13:33:39 [xinetd] Started working: 1 available service

netstat -lp | grep xine

tcp        0      0 *:ftp        *:*                LISTEN      14436/xinetd

I hope i got the xinetd configs right.

Anyone got an idea?Last edited by _Smash_ on Sun Apr 15, 2012 8:43 am; edited 1 time in total

----------

## Arkhelion

Hello,

I don't use VsFTPd, but ProFTPd binds correctly to both IPv4 and IPv6 with only one daemon.

----------

## Hu

Why do you need an explicit IPv4 listener?

----------

## _Smash_

As you can see, the IPv6 listener opens only an IPv6 Port, not an IPv4 listener as well.

And the config file tells you to.

----------

## Hu

I can see that it only opens an IPv6 socket, but that does not mean anything by itself.  I am asking why you think you need to create a separate IPv4 listener.  As documented in man ipv6, modern Linux can transparently pass incoming IPv4 connections to an IPv6 listener, unless the listener asks for alternate behavior.

----------

## gentoo_ram

The "listen_ipv6" parameter will allow both IPv6 and IPv4 connections.  I run IPv6 on my internal home LAN and connected to vsftp after configuring it to listen on IPv6.

Connect via IPv6:

```

gw # netstat -antp | grep vsf

tcp6       0      0 :::21                   :::*                    LISTEN      79393/vsftpd        

tcp6       0      0 fd05:efbb:4a1b:1:250:21 fd05:efbb:4a1b:1::51927 ESTABLISHED 79401/vsftpd        

```

Connect via IPv4:

```

gw # netstat -antp | grep vsf

tcp6       0      0 :::21                   :::*                    LISTEN      79393/vsftpd        

tcp6       0      0 192.168.1.1:21          192.168.1.58:51930      ESTABLISHED 79407/vsftpd        

```

This is on vsftpd-2.3.5.

```

#listen=YES

listen_ipv6=YES

```

As for xinetd... you use either one or the other.  Either you configure xinetd to listen on the FTP port and start vsftpd when a connection comes or you run vsftpd and have it connect directly on the port.  But you can't do both.  Choose one or the other.  Personally, I don't run xinetd or any kind of inetd... I just let the daemons connect directly to the ports.

----------

## _Smash_

Thank you gentoo-ram.

Indeed i was mislead by the config file stating 

"#To listen on IPv4 and IPv6

# sockets, you must run two copies of vsftpd with two configuration files.

# Make sure, that one of the listen options is commented !!"

I never really tried connecting via IPv4 because i did not see a separate IPv4 listener.

So it works by setting up just the IPv6 listener.

----------

## Hu

 *gentoo_ram wrote:*   

> The "listen_ipv6" parameter will allow both IPv6 and IPv4 connections.

 Is that not what I told him earlier?

 *_Smash_ wrote:*   

> I never really tried connecting via IPv4 because i did not see a separate IPv4 listener.
> 
> So it works by setting up just the IPv6 listener.

 It works if your system is configured to transparently pass IPv4 to IPv6.  This is the default, but can be changed (as documented in man ipv6, around the same section that I referenced before).  Additionally, vsftpd can refuse this behavior.  However, the stable version you cited does not adjust that socket option.

----------

## _Smash_

 *Hu wrote:*   

> 
> 
>  *gentoo_ram wrote:*   The "listen_ipv6" parameter will allow both IPv6 and IPv4 connections. 
> 
> Is that not what I told him earlier?
> ...

 

No you asked me, why i didn´t know this behaviour of IPv6 Sockets, without telling me.... kinda looking down on me.

And you especially did not tell me that vsftpd honors this behaviour.

----------

## Hu

 *_Smash_ wrote:*   

> No you asked me, why i didn´t know this behaviour of IPv6 Sockets, without telling me.... kinda looking down on me.
> 
> And you especially did not tell me that vsftpd honors this behaviour.

 I asked you why you thought you needed an IPv4 listener.  Rather than answering my question, you pointed me back to your prior statements.  If your prior statements had been sufficient to answer my question, I would not have asked it.  I would not expect you to know about the passthrough behavior, but I would expect you to test whether something works before asking why it does not work, especially if you open the post with a statement that it does not work.  I did not tell you that vsftpd honored that behavior because I qualified the initial statement with unless the listener asks for alternate behavior.  Therefore, the useful behavior is the default and there is no need to enumerate the programs which respect the default.

----------

