Postgres - pg_hba.conf configuration
pg_hba.conf control the client authentication for Postgres Database.
See http://www.postgresql.org/docs/8.3/static/auth-pg-hba-conf.html
So, if you encounter error message such as
That simply mean your pg_hba.conf does not allow host name fe80::d12f:1a6e:1234:a9cd and user postgres to connect to database name postgres
To allow that, you need to add an entry to pg_hba.conf
Before doing that fe80::d12f:1a6e:1234:a9cd%20 is a IPv6 address. Furthermore, fe80 is a link local prefix. Link local address is automatically assigned when no static IP address is assigned to the interface. This is equivalent to 169.254.0.0/16 for IPv4. You may notice that there is a %20 after the IPv6 address. In general, IPv6 zone format is Address%ZoneID. So, the above address zone id is 20 and this is use to identify the network interface for the address when you have multiple network interface in your machine or multiple network connection setting in your machine.
Now, to allow IPv6 client to connect to your Postgres Database, you can add the following lines
# TYPE DATABASE USER ADDRESS METHOD
#Allow all database and user from all IPv6 address to connect via md5
host all all ::0/0 md5
#Allow all database and user from all Link Local address to connect via md5
host all all fe80::0/10 md5
#Allow myuser to connect to mydb database from 2001:0db8:85a3:0000:0000:8a2e:0370:7334 via md5
host mydb myuser 2001:0db8:85a3:0000:0000:8a2e:0370:7334 md5
See http://www.postgresql.org/docs/8.3/static/auth-pg-hba-conf.html
So, if you encounter error message such as
FATAL: no pg_hba.conf entry for host "fe80::d12f:1a6e:1234:a9cd%20", user "postgres", database "postgres", SSL off
That simply mean your pg_hba.conf does not allow host name fe80::d12f:1a6e:1234:a9cd and user postgres to connect to database name postgres
To allow that, you need to add an entry to pg_hba.conf
Before doing that fe80::d12f:1a6e:1234:a9cd%20 is a IPv6 address. Furthermore, fe80 is a link local prefix. Link local address is automatically assigned when no static IP address is assigned to the interface. This is equivalent to 169.254.0.0/16 for IPv4. You may notice that there is a %20 after the IPv6 address. In general, IPv6 zone format is Address%ZoneID. So, the above address zone id is 20 and this is use to identify the network interface for the address when you have multiple network interface in your machine or multiple network connection setting in your machine.
Now, to allow IPv6 client to connect to your Postgres Database, you can add the following lines
# TYPE DATABASE USER ADDRESS METHOD
#Allow all database and user from all IPv6 address to connect via md5
host all all ::0/0 md5
#Allow all database and user from all Link Local address to connect via md5
host all all fe80::0/10 md5
#Allow myuser to connect to mydb database from 2001:0db8:85a3:0000:0000:8a2e:0370:7334 via md5
host mydb myuser 2001:0db8:85a3:0000:0000:8a2e:0370:7334 md5
Comments
Post a Comment