The situation is simple. When doing server stress ( multiple servers ) Most of the time I am getting granted access, but one in 1000 gets denied. I am using IPv6. [Wed Mar 04 20:31:01.732244 2020] [authz_core:debug] [pid 90852] mod_authz_core.c(817): [client VVVV:VVVV:VVVV:0:ab7a:f807:c2ab:839d:59240] AH01626: authorization result of Require ip VVVV:VVVV:VVVV::/48: granted [Wed Mar 04 20:31:04.321152 2020] [authz_core:debug] [pid 90851] mod_authz_core.c(817): [client VVVV:VVVV:VVVV:0:ab7a:f807:c2ab:839d:47284] AH01626: authorization result of Require ip VVVV:VVVV:VVVV::/48: denied <Directory "/usr/local/www/"> Allowoverride FileInfo Options +FollowSymLinks -SymLinksIfOwnerMatch +Includes AllowOverride All AuthType Basic AuthBasicProvider file AuthName "Password Required" AuthUserFile "/usr/local/etc/apache24/.htpasswd" <RequireAny> Require ip XX.XX.XX.XX Require ip XX.XX.XX.XX Require ip XX.XX.XX.XX Require ip VVVV:VVVV:VVVV::/48 Require valid-user </RequireAny> </Directory> #apachectl -V Server version: Apache/2.4.41 (FreeBSD) Server built: unknown Server's Module Magic Number: 20120211:88 Server loaded: APR 1.7.0, APR-UTIL 1.6.1 Compiled using: APR 1.7.0, APR-UTIL 1.6.1 Architecture: 64-bit Server MPM: prefork threaded: no forked: yes (variable process count) Server compiled with.... -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_FLOCK_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=256 -D HTTPD_ROOT="/usr/local" -D SUEXEC_BIN="/usr/local/sbin/suexec" -D DEFAULT_PIDLOG="/var/run/httpd.pid" -D DEFAULT_SCOREBOARD="/var/run/apache_runtime_status" -D DEFAULT_ERRORLOG="/var/log/httpd-error.log" -D AP_TYPES_CONFIG_FILE="etc/apache24/mime.types" -D SERVER_CONFIG_FILE="etc/apache24/httpd.conf"
Quite surprising, not aware of similar reports. Might need some help debugging it. e.g. add an abort() before the "return AUTHZ_DENIED" in mod_authz_host.c's ip_check_authorization() function and then capture a core dump for the rare failure case and see if something looks corrupt. What CPU architecture?