Agent Host Name is IPv6?

Hi all,

After upgrading our Windows Unified Connectors, we've started to the Agent Host Name being presented as - what at least seems to be - an IPv6 address, when investigating the event in ESM.

I could look something like this: fe80:0:0:0:250:56ff:fe96:2748%2

Anyone else facing this problem - or maybe even been able to find the cause for it?



Labels (2)
1 Reply

Hm, this is a link-local ipv6 address (at least up to the %2 at the end), which modern OSes often automagically assign to interfaces in addition to ipv4 (and always in addition to a routable ipv6 adddress if you are actually using ipv6).

My guess -  the new connector version is ipv6 aware, thinks this is really an ipv6 enabled box (which it isn't if the interface has only a link-local address) and then tries to do a reverse lookup on this in order to find the agent hostname - which will obviously fail in an ipv4 only environment and also should fail always for link-local addresses:

RFC4472 Operational Considerations and Issues with IPv6 DNS, Page 4

2.1. Limited-Scope Addresses

  The IPv6 addressing architecture [RFC4291] includes two kinds of

  local-use addresses: link-local (fe80::/10) and site-local

  (fec0::/10). The site-local addresses have been deprecated [RFC3879]

  but are discussed with unique local addresses in Appendix A.

  Link-local addresses should never be published in DNS (whether in

  forward or reverse tree), because they have only local (to the

  connected link) significance [WIP-DC2005].

I'd say - bug it. As a workaround in case you're not actually using ipv6 I'd try to disable dual-stack on the OS level and the problem should go away.


The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.