IPv6 Support for Monit Interface

Issue #421 resolved
Harivardhan Pyaram
created an issue

According to Issue 36, IPv6 support has been added for pretty much everything but the Monit HTTP Interface. For our product, we want to move completely toward IPv6 and so, monit keeps kicking out saying "Cannot translate <hostname> to IP address"

The logs seem to state that all the checks are being done properly and the system is fine. But monit summary and status do not give us any data whatsoever except the above message.

There are two things that can be done:

  1. Enabling output of status even with DNS Resolution problems.
  2. Enabling Monit HTTP with IPv6 address

Comments (8)

  1. twm

    Unfortunately, even with these changes the http interface still does not work with IPv6. As far as I know this issue is limited to Linux, where by default an IPv6 TCP listener will silently serve IPv4 as well.

    http/engine.c will start a v4 listener first, then v6. Since the v6 listener wants to serve v4 as well it will fail with an "address already in use" error. However, engine.c is happy with only one working TcpServer and will continue v4 only.

    Possible workarounds:

    1) In http/engine.c: swap _createTcpServer(Socket_Ip4, error) and _createTcpServer(Socket_Ip6, error). The v4-only listener will fail, but the v6-listener will serve both. This is not visible in "netstat -n -l -t -p".

    or

    2) In net.c, function create_server_socket_tcp.c: set socket option IPV6_V6ONLY when _result->ai_family == AF_INET6. This will create a v6-only listener that does not clash with the previously started v4-only listener. This is visible in "netstat -n -l -t -p".

  2. twm

    Thanks for the quick reaction. I can confirm that Monit 5.19.0 + the patch is working as expected on Ubuntu 12.04, 14.04 & 16.04 with both IPv4 and IPv6.

    However, M/Monit is unable to reach the monitored hosts via IPv6. When I select a host from the host list the connection status is red and the tooltip says "Cannot establish connection to Monit at [1:2:3:4:5:6:7:8:2812] No route to host" (address is an example - it displays the actual address). This problem is limited to M/Monit as I am able to request the XML status with curl.

    My guess is that monit needs to present its address in squared braces when it is an IPv6 literal address, e.g. <address>[2001::1]</address> instead of <address>2001::1</address>, but I've not yet verified this. Also, if M/Monit connects to the IP address instead of the hostname, can and does it verify the SSL certificate?

  3. Log in to comment