[GLLUG] Can anyone explain this netstat output?
Andy Smith
andy at bitfolk.com
Sun Jun 30 11:48:01 UTC 2019
Hi John,
On Sun, Jun 30, 2019 at 11:50:54AM +0100, John Winters via GLLUG wrote:
> john at pi4:~ $ netstat -an | grep 8384
> tcp6 0 0 :::8384 :::* LISTEN
> tcp6 0 0 10.3.1.40:8384 10.3.0.80:51806 ESTABLISHED
> tcp6 0 0 10.3.1.40:8384 10.3.0.80:51814 ESTABLISHED
> tcp6 0 0 10.3.1.40:8384 10.3.0.80:51864 ESTABLISHED
> tcp6 0 0 10.3.1.40:8384 10.3.0.80:51810 ESTABLISHED
> tcp6 0 0 10.3.1.40:8384 10.3.0.80:51804 ESTABLISHED
> tcp6 0 0 10.3.1.40:8384 10.3.0.80:51812 ESTABLISHED
> tcp6 0 0 10.3.1.40:8384 10.3.0.80:51808 TIME_WAIT
> john at pi4:~ $
>
> A TCP connection over IPv6 from 10.3.0.80 to 10.3.1.40? WTF?
On Linux an AF_INET6 socket can accept both v6 and v4 connections.
It's mostly down to programmer taste whether to separate the two.
There is a socket option that can be set to only allow v6 on
AF_INET6 sockets if the programmer wishes.
> Note the entries for sshd show two listens - one for IPv4 and one for IPv6
> which is more what I would expect.
The BSDs intentionally do not support AF_INET6 sockets accepting
IPv4 connections and as sshd was ported from OpenBSD, I would think
that keeping things that way was the path of least resistance.
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
More information about the GLLUG
mailing list