[Iftop-users] v6 dns display error

Stuart D. Gathman stuart at gathman.org
Mon Feb 6 17:12:29 GMT 2017


On Mon, 6 Feb 2017, Paul Warren wrote:

> On 03/02/17 19:03, jens wrote:
>
>>  hey, i happily use iftop for months
>>
>>  i now recognize some strange behaviour
>>
>>  using iftop on an wireguard vpn tunnel (layer3)  if i can easily see all
>>  the endpoints for IPv4 . they are shown as they should
>>  in that case 192.168.99.something
>>
>>  if i use v6 inside this wireguard tunnel .. so the IPs are more like
>>  fdf1::16:3e75:72af (/64) than there is only one ip shown all the time -
>>  or one dns entry (from /etc/hosts)
>> 
> I've not been able to reproduce this.  Can you confirm what version of iftop 
> you're using?

It works if all IPv6 rDNS lookups succeed.  Even if most IPv6 rDNS
lookups succeed, you might not notice the problem (and that is when it
is the most dangerous).  The best way to reproduce is
to run on a local IPv6 subnet where *none* of the IPv6 lookups succeed,
or else point /etc/resolv.conf to a local dnsmasq with ip6.arpa set
to always return NXDOMAIN.  Then all IPv6 will display as the same
raw IP, and you will surely notice.

-- 
 	      Stuart D. Gathman <stuart at gathman.org>
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.



More information about the iftop-users mailing list