Hi, I am trying to get ipv6 firewall running. I did a very simple ip6tables rules and noticed very long running yum updates. I think that happened because firewall is dropping outgoing packets to port 80. Well, I thought to mitigate the issue and changed outgoing from drop to reject. Now I try manually # strace telnet 2a02:180:ffff:1::551f:b966 80 ... connect(3, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "2a02:180:ffff:1::551f:b966", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28 3 second delay ) = -1 ECONNREFUSED (Connection refused) ... The ECONNREFUSED is quite expected of course, but what is not expected that the connect syscall lasts 3 seconds. This 3 second delay is not happening with a equivalent telnet to a IPv4 address. Why is this 3 second delay? -- Kind Regards, Markus Falb
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos