Resolve hostname to IPv6 address in listen directive

Michael Shadle mike503 at
Wed Aug 25 11:30:18 MSD 2010

I say "a" is a better option out of the two. Follows nginx configuration style and I actually thought at first maybe [] were part of a special ipv6 markup. So that even confused me at first :)

On Aug 25, 2010, at 12:27 AM, Matthias-Christian Ott <ott at> wrote:

> At the moment nignx does not allow IPv6 addresses to specified by
> hostname in a listen directive, that is the following will not work:
>  listen;
>  listen [];
>  listen ipv6only=on;
>  listen [] ipv6only=on;
> Though I see a potential security problem with hostnames here (this
> also applies to IPv4), because DNS replies can be manipulated if
> DNSSEC is not used, I think that this feature would be helpful and
> simplifies administration.
> Given that resolves to an IPv4 and IPv6 address, simply
> binding to both addresses with the following directive would break
> backwards compatibility: listen;
> For backwards compatibility I propose the following to resolve the
> IPv6 addresses of a hostname and listen on them:
> a) listen ipv6only=on;
> b) listen [];
> Solution b) has the disadvantage that it doesn't conform to RFC 3986.
> Due to the fact that IPv4 will be a legacy addressing scheme in the
> future, one could also consider to break backwards compatibility and
> introduce the option ipv4only.
> I would prefer this solution for 0.8 and propose solution a) for 0.7
> and 0.8. So in 0.7 IPv4 addresses would be default for hostnames and
> hostnames would only be resolved to IPv6 addresses if ipv6only is
> present and in 0.8 both addresses would be resolved and the user can
> choose between one of the address families with the options ipv4only
> and ipv6only.
> What do you think?
> Regards,
> Matthias-Christian
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at

More information about the nginx-devel mailing list