- marked as blocker
IPv6 Support for Monit Interface
According to Issue 36, IPv6 support has been added for pretty much everything but the Monit HTTP Interface. For our product, we want to move completely toward IPv6 and so, monit keeps kicking out saying "Cannot translate <hostname> to IP address"
The logs seem to state that all the checks are being done properly and the system is fine. But monit summary and status do not give us any data whatsoever except the above message.
There are two things that can be done:
- Enabling output of status even with DNS Resolution problems.
- Enabling Monit HTTP with IPv6 address
Comments (10)
-
reporter -
repo owner The IPv6 implementation for monit http interface was just checked in to repository (https://bitbucket.org/tildeslash/monit/commits/e159226bcab4/).
It is under testing yet (should be finished by Aug 3).
-
repo owner - changed status to resolved
The testing was finished, you can test the development version from Bitbucket repository (the official monit 5.19 release is in progress).
-
Unfortunately, even with these changes the http interface still does not work with IPv6. As far as I know this issue is limited to Linux, where by default an IPv6 TCP listener will silently serve IPv4 as well.
http/engine.c will start a v4 listener first, then v6. Since the v6 listener wants to serve v4 as well it will fail with an "address already in use" error. However, engine.c is happy with only one working TcpServer and will continue v4 only.
Possible workarounds:
1) In http/engine.c: swap _createTcpServer(Socket_Ip4, error) and _createTcpServer(Socket_Ip6, error). The v4-only listener will fail, but the v6-listener will serve both. This is not visible in "netstat -n -l -t -p".
or
2) In net.c, function create_server_socket_tcp.c: set socket option IPV6_V6ONLY when _result->ai_family == AF_INET6. This will create a v6-only listener that does not clash with the previously started v4-only listener. This is visible in "netstat -n -l -t -p".
-
repo owner - edited description
-
repo owner @e477 thank you for report, fixed: https://bitbucket.org/tildeslash/monit/commits/04fefe79e701/
-
Thanks for the quick reaction. I can confirm that Monit 5.19.0 + the patch is working as expected on Ubuntu 12.04, 14.04 & 16.04 with both IPv4 and IPv6.
However, M/Monit is unable to reach the monitored hosts via IPv6. When I select a host from the host list the connection status is red and the tooltip says "Cannot establish connection to Monit at [1:2:3:4:5:6:7:8:2812] No route to host" (address is an example - it displays the actual address). This problem is limited to M/Monit as I am able to request the XML status with curl.
My guess is that monit needs to present its address in squared braces when it is an IPv6 literal address, e.g. <address>[2001::1]</address> instead of <address>2001::1</address>, but I've not yet verified this. Also, if M/Monit connects to the IP address instead of the hostname, can and does it verify the SSL certificate?
-
repo owner @e477 the support for monit hosts on IPv6 address is fixed in the next M/Monit release (will be available soon).
-
Can we get a patch for this on 5.16 monit. Have issue with the new modes and don’t want to change the config file which was working in 5.16.
-
repo owner @Gautam Shejwalkar sorry but it would be waste of time to port it to 5.16. The latest version should be fully backward compatible with 5.16 - if you have some problems with the latest release, please let us know details
- Log in to comment