# distccd use both ipv6 and ipv4 simultaneously [solved?]

## eccerr0r

I initially thought I should set up my nameserver to return both ipv4 (static private IP) and ipv6 (slaac) addresses.  It works fine for ssh, but when using distccd, it seems distccd does not listen to ipv6 addresses when ipv4 is enabled...  

The workaround is to set ipv4 addresses only in /etc/distcc/hosts, but is it possible to get distccd to listen (and deny) both ipv4 and ipv6 addresses at the same time?

I do kind of worry that distccd, due to the slaac addresses, will listen to compile requests coming in over the WAN but my router should be blocking all incoming ipv6 packets except those destined to my server, so I think this shouldn't be an issue, though I would imagine I should still specify my ipv6 prefix as a mask (or perhaps use the link local addresses...).

IPV6 doesn't work:

```
$ ps ax|grep distccd|head -1

 3744 ?        SN     0:00 /usr/bin/distccd --verbose --no-detach --daemon --port 3632 -N 15 --allow 127.0.0.1 --allow ::1 --allow 10.0.0.0/24

```

```
$ telnet ::1 3632

Trying ::1...

telnet: Unable to connect to remote host: Connection refused

$ telnet ::1 22

Trying ::1...

Connected to ::1.

Escape character is '^]'.

SSH-2.0-OpenSSH_7.5p1-hpn14v12

```

IPV4 works:

```
$ telnet localhost 3632

Trying ::1...

Trying 127.0.0.1...

Connected to localhost.

Escape character is '^]'.

```

---

I think I figured it out...sort of.

It looks like distccd does not listen to ipv6 by default.  Unlike ipv4, it will not listen to your ports automatically when you allow them.  Now unfortunately I have to specify my ipv6 address explicitly on the command line to listen to it, which is very gaudy, and wonder why this is needed for v6 but not v4.

----------

## fjeldse

This was a while ago, but I had the same problem where I wanted to have more control over distccd than the command line seemed to provide. What I did instead was take advantage of distccd's inetd option get systemd to socket-activate it on TCP/3632 instead, with ListenStream=3632, BindIPv6Only=both, Accept=true and MaxConnections=15: Obviously you could use (x)inetd as well. One nice thing about using inetd mode is that distccd only runs if there are active clients!

Regarding limiting who can use the server, I added a server firewall rule to only allow access from the local IPv4/6 network (the router filters out stuff like that already too, but defense in depth is good.)

----------

## eccerr0r

I was thinking about using (x)inetd route as a last resort, but dismissed it because it would add a few milliseconds fork() latency, and from my experience, the slower distccd is, the less useful it is.  I might have to figure out how to "fix" this...

Good to know that systemd's inetd path works, I hadn't thought about that (plus I have xinetd running on my systemd box.  Department of redundancy department?)

----------

## stikonas

Sorry to resurrect an old thread, but I think I've figured out how to do it directly. And it might be useful to those who stumble on this page.

You can simply specify 

```
--listen ::
```

----------

## Hu

 *stikonas wrote:*   

> Sorry to resurrect an old thread, but I think I've figured out how to do it directly. And it might be useful to those who stumble on this page.
> 
> You can simply specify 
> 
> ```
> ...

 Beware that the shown option listens on wildcard.  OP specifically wanted to avoid offering service to WAN-side clients.

----------

## Ant P.

distccd still doesn't understand multi-homing or dual-stack as of this post - I just tried various combinations of v4/v6 --listen and it ignores all but the last option. I'm just going to stick with v6.

 *Hu wrote:*   

> Beware that the shown option listens on wildcard. OP specifically wanted to avoid offering service to WAN-side clients.

 

True, but distcc will refuse to start without an --allow list anyway so it shouldn't be a problem.

----------

