Re: TCP/IP with 7.4 beta2 broken?

Andrew Dunstan wrote:
> > This doesn't look consistent to me. Local addresses can be all 
> > addresses that the host's interfaces are currently configured with, 
> > loopback is nothing special in this sense. The admin can easily do 
> > 'ifconfig' to see all addresses configured and enter them into 
> > pg_hba.conf, because these addresses are obvious.
> 
> 
> We currently have this in the default pg_hba.conf file:
> 
>   host all all 127.0.0.1 255.255.255.255 trust
> 
> The idea was to have something which would perform equivalently on IP4 
> only, IP4 over IP6 and pure IP6 connections, without breaking the 
> postmaster host in any of them.
> 
> It is perfectly true that it could be mangled by the administrator - 
> this would save him/her having to do so for the default case. In my 
> proposal you would replace this default line with:
> 
>   loopback all all trust
> 
> It's the fact that it is the default that makes it special. Does that 
> make things clearer?

We have avoided doing dns lookups from pg_hba.conf, and hence the use of
127.0.0.1 instead of localhost.  Now that we cache pg_hba.conf, we could
consider allowing hostnames in pg_hba.conf.  Is that a TODO?

As for the IPv6 issue --- how prevalent is this problem.  What OS
versions are affected?  Has the user done something special to enable
this?

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
359-1001+  If your life is a hard drive,     |  13 Roberts Road +  Christ can be your backup.        |  Newtown Square,
Pennsylvania19073