Does ConfD provide support for IPv6?

The answer is yes. ConfD does provide support for both IPv4 and IPv6 for all the interfaces that it listens to including all the northbound interfaces and its internal interfaces for IPC including HA, Subagents and Proxies.

Refer to confd.conf, Volume 5 of the ConfD man-pages, for details on how to configure the IP addresses being used by the various ConfD interfaces.

Hi,

I tried to configure extraIpPorts.
When I configure valid IPv6 I got error:
localhost(config)# confdConfig netconf transport ssh extraIpPorts 2001:5429:0000:0000:0000:0000:0000:0090
localhost(config)# commit
Aborted: ‘confdConfig’: /confdConfig/netconf/transport/ssh/extraIpPorts: Invalid IP address ‘2001:5429:0000:0000:0000:0000:0000’ in /confdConfig/netconf/transport/ssh/extraIpPorts

When I configured addresses that you gave as example in the manual it succeeded:
localhost(config)# confdConfig netconf transport ssh extraIpPorts :::88
localhost(config)# commit
Commit complete.

but the address :::88 isn’t valid IPv6 address.

Thanks,

Evyatar

:: is a wildcard representation of the IPv6 address for 0:0:0:0:0:0:0:0.

You are missing a colon at the end of your IPv6 address when you leave out the port number.

Well, the problem is that since a) IPv6 addresses separates the components with ‘:’, b) IPv6 addresses can be given in shorthand form, i.e. with less than 7 ‘:’, and c) address and port number (for both IPv4 and IPv6) are separated by ‘:’, a value (such as the exraIpPorts elements) that is supposed to be address + optionally port is almost always ambiguous for IPv6 - unless the [ip]:port syntax (see https://tools.ietf.org/html/rfc5952#section-6) mentioned (and illustrated with a “[::]” example) in the documentation for all the extraIpPorts elements in the confd.conf(5) man page, is used.

Thus absent any [] in the value, ConfD will assume that the last ‘:’-separated element is a port number, and the preceding part is the address. Which works out correctly for “:::88” (adress = “::”, port = “88”), but not for “2001:5429:0000:0000:0000:0000:0000:0090” (address = “2001:5429:0000:0000:0000:0000:0000” - invalid, port = “0090”). Thus, unless you really know what you’re doing, it’s best to always use the [ip]:port syntax. I.e. if “2001:5429:0000:0000:0000:0000:0000:0090” is supposed to be an address without port number, give it as “[2001:5429:0000:0000:0000:0000:0000:0090]” (or “[2001:5429::90]” in shorthand form).