diff --git a/src/DNS.cc b/src/DNS.cc
index 40fe832e34..a3b0b62ef3 100644
--- a/src/DNS.cc
+++ b/src/DNS.cc
@@ -766,12 +766,20 @@ int DNS_Interpreter::ParseRR_AAAA(DNS_MsgInfo* msg,
 
 		if ( len < 0 )
 			{
-			analyzer->Weird("DNS_AAAA_neg_length");
+			if ( msg->atype == TYPE_AAAA )
+				analyzer->Weird("DNS_AAAA_neg_length");
+			else
+				analyzer->Weird("DNS_A6_neg_length");
 			return 0;
 			}
 		}
 
-	if ( dns_AAAA_reply && ! msg->skip_event )
+	EventHandlerPtr event;
+	if ( msg->atype == TYPE_AAAA )
+		event = dns_AAAA_reply;
+	else
+		event = dns_A6_reply;
+	if ( event && ! msg->skip_event )
 		{
 		val_list* vl = new val_list;
 
@@ -779,7 +787,7 @@ int DNS_Interpreter::ParseRR_AAAA(DNS_MsgInfo* msg,
 		vl->append(msg->BuildHdrVal());
 		vl->append(msg->BuildAnswerVal());
 		vl->append(new AddrVal(addr));
-		analyzer->ConnectionEvent(dns_AAAA_reply, vl);
+		analyzer->ConnectionEvent(event, vl);
 		}
 
 	return 1;
diff --git a/src/DPM.cc b/src/DPM.cc
index 2700c92933..c02db08c2f 100644
--- a/src/DPM.cc
+++ b/src/DPM.cc
@@ -17,22 +17,37 @@ ExpectedConn::ExpectedConn(const IPAddr& _orig, const IPAddr& _resp,
 	if ( _orig == IPAddr(string("0.0.0.0")) )
 		// don't use the IPv4 mapping, use the literal unspecified address
 		// to indicate a wildcard
-		orig[0] = orig[1] = orig[2] = orig[3] = 0;
+		orig = IPAddr(string("::"));
 	else
-		_orig.CopyIPv6(orig);
-	_resp.CopyIPv6(resp);
+		orig = _orig;
+	resp = _resp;
 	resp_p = _resp_p;
 	proto = _proto;
 	}
 
 ExpectedConn::ExpectedConn(const ExpectedConn& c)
 	{
-	memcpy(orig, c.orig, sizeof(orig));
-	memcpy(resp, c.resp, sizeof(resp));
+	orig = c.orig;
+	resp = c.resp;
 	resp_p = c.resp_p;
 	proto = c.proto;
 	}
 
+HashKey* ExpectedConn::GetKey() const
+	{
+	struct Key {
+		uint32 orig[4];
+		uint32 resp[4];
+		uint16 resp_p;
+		uint16 proto;
+	};
+	Key k;
+	orig.CopyIPv6(k.orig);
+	resp.CopyIPv6(k.resp);
+	k.resp_p = resp_p;
+	k.proto = proto;
+	return new HashKey(&k, sizeof(k));
+	}
 
 DPM::DPM()
 : expected_conns_queue(AssignedAnalyzer::compare)
@@ -134,23 +149,18 @@ AnalyzerTag::Tag DPM::GetExpected(int proto, const Connection* conn)
 	ExpectedConn c(conn->OrigAddr(), conn->RespAddr(),
 			ntohs(conn->RespPort()), proto);
 
-	// Can't use sizeof(c) due to potential alignment issues.
-	// FIXME: I guess this is still not portable ...
-	HashKey key(&c, sizeof(c.orig) + sizeof(c.resp) +
-				sizeof(c.resp_p) + sizeof(c.proto));
-
-	AssignedAnalyzer* a = expected_conns.Lookup(&key);
+	HashKey* key = c.GetKey();
+	AssignedAnalyzer* a = expected_conns.Lookup(key);
+	delete key;
 
 	if ( ! a )
 		{
 		// Wildcard for originator.
-		for ( int i = 0; i < 4; ++i )
-			c.orig[i] = 0;
+		c.orig = IPAddr(string("::"));
 
-		HashKey key(&c, sizeof(c.orig) + sizeof(c.resp) +
-				sizeof(c.resp_p) + sizeof(c.proto));
-
-		a = expected_conns.Lookup(&key);
+		HashKey* key = c.GetKey();
+		a = expected_conns.Lookup(key);
+		delete key;
 		}
 
 	if ( ! a )
@@ -393,11 +403,7 @@ void DPM::ExpectConnection(const IPAddr& orig, const IPAddr& resp,
 			{
 			if ( ! a->deleted )
 				{
-				HashKey* key = new HashKey(&a->conn,
-							sizeof(a->conn.orig) +
-							sizeof(a->conn.resp) +
-							sizeof(a->conn.resp_p) +
-							sizeof(a->conn.proto));
+				HashKey* key = a->conn.GetKey();
 				expected_conns.Remove(key);
 				delete key;
 				}
@@ -416,10 +422,9 @@ void DPM::ExpectConnection(const IPAddr& orig, const IPAddr& resp,
 
 	ExpectedConn c(orig, resp, resp_p, proto);
 
-	HashKey key(&c, sizeof(c.orig) + sizeof(c.resp) +
-			sizeof(c.resp_p) + sizeof(c.proto));
+	HashKey* key = c.GetKey();
 
-	AssignedAnalyzer* a = expected_conns.Lookup(&key);
+	AssignedAnalyzer* a = expected_conns.Lookup(key);
 
 	if ( a )
 		a->deleted = true;
@@ -431,8 +436,9 @@ void DPM::ExpectConnection(const IPAddr& orig, const IPAddr& resp,
 	a->timeout = network_time + timeout;
 	a->deleted = false;
 
-	expected_conns.Insert(&key, a);
+	expected_conns.Insert(key, a);
 	expected_conns_queue.push(a);
+	delete key;
 	}
 
 void DPM::Done()
@@ -443,11 +449,7 @@ void DPM::Done()
 		AssignedAnalyzer* a = expected_conns_queue.top();
 		if ( ! a->deleted )
 			{
-			HashKey* key = new HashKey(&a->conn,
-					sizeof(a->conn.orig) +
-					sizeof(a->conn.resp) +
-					sizeof(a->conn.resp_p) +
-					sizeof(a->conn.proto));
+			HashKey* key = a->conn.GetKey();
 			expected_conns.Remove(key);
 			delete key;
 			}
diff --git a/src/DPM.h b/src/DPM.h
index b3e5f8f17f..7e9150f3aa 100644
--- a/src/DPM.h
+++ b/src/DPM.h
@@ -32,8 +32,10 @@ public:
 
 	ExpectedConn(const ExpectedConn& c);
 
-	uint32 orig[4];
-	uint32 resp[4];
+	HashKey* GetKey() const;
+
+	IPAddr orig;
+	IPAddr resp;
 	uint16 resp_p;
 	uint16 proto;
 };
diff --git a/src/Expr.cc b/src/Expr.cc
index 848fe6d351..c995ae3d17 100644
--- a/src/Expr.cc
+++ b/src/Expr.cc
@@ -835,22 +835,30 @@ Val* BinaryExpr::StringFold(Val* v1, Val* v2) const
 
 Val* BinaryExpr::AddrFold(Val* v1, Val* v2) const
 	{
-	uint32 a1[4];
-	uint32 a2[4];
-	v1->AsAddr()->CopyIPv6(a1);
-	v2->AsAddr()->CopyIPv6(a2);
+	IPAddr* a1 = v1->AsAddr();
+	IPAddr* a2 = v2->AsAddr();
 	int result = 0;
 
 	switch ( tag ) {
-#undef DO_FOLD
-#define DO_FOLD(sense) { result = memcmp(a1, a2, 16) sense 0; break; }
 
-	case EXPR_LT:		DO_FOLD(<)
-	case EXPR_LE:		DO_FOLD(<=)
-	case EXPR_EQ:		DO_FOLD(==)
-	case EXPR_NE:		DO_FOLD(!=)
-	case EXPR_GE:		DO_FOLD(>=)
-	case EXPR_GT:		DO_FOLD(>)
+	case EXPR_LT:
+		result = *a1 < *a2;
+		break;
+	case EXPR_LE:
+		result = *a1 < *a2 || *a1 == *a2;
+		break;
+	case EXPR_EQ:
+		result = *a1 == *a2;
+		break;
+	case EXPR_NE:
+		result = *a1 != *a2;
+		break;
+	case EXPR_GE:
+		result = ! ( *a1 < *a2 );
+		break;
+	case EXPR_GT:
+		result = ( ! ( *a1 < *a2 ) ) && ( *a1 != *a2 );
+		break;
 
 	default:
 		BadTag("BinaryExpr::AddrFold", expr_name(tag));
diff --git a/src/IP.h b/src/IP.h
index 5733f633a2..ba37fb4c69 100644
--- a/src/IP.h
+++ b/src/IP.h
@@ -10,26 +10,22 @@
 class IP_Hdr {
 public:
 	IP_Hdr(struct ip* arg_ip4)
-		: ip4(arg_ip4), ip6(0),
-		  src_addr(arg_ip4->ip_src), dst_addr(arg_ip4->ip_dst), del(1)
+		: ip4(arg_ip4), ip6(0), del(1)
 		{
 		}
 
 	IP_Hdr(const struct ip* arg_ip4)
-		: ip4(arg_ip4), ip6(0),
-		  src_addr(arg_ip4->ip_src), dst_addr(arg_ip4->ip_dst), del(0)
+		: ip4(arg_ip4), ip6(0), del(0)
 		{
 		}
 
 	IP_Hdr(struct ip6_hdr* arg_ip6)
-		: ip4(0), ip6(arg_ip6),
-		  src_addr(arg_ip6->ip6_src), dst_addr(arg_ip6->ip6_dst), del(1)
+		: ip4(0), ip6(arg_ip6), del(1)
 		{
 		}
 
 	IP_Hdr(const struct ip6_hdr* arg_ip6)
-		: ip4(0), ip6(arg_ip6),
-		  src_addr(arg_ip6->ip6_src), dst_addr(arg_ip6->ip6_dst), del(0)
+		: ip4(0), ip6(arg_ip6), del(0)
 		{
 		}
 
@@ -47,8 +43,10 @@ public:
 	const struct ip* IP4_Hdr() const	{ return ip4; }
 	const struct ip6_hdr* IP6_Hdr() const	{ return ip6; }
 
-	const IPAddr& SrcAddr() const	{ return src_addr; }
-	const IPAddr& DstAddr() const	{ return dst_addr; }
+	IPAddr SrcAddr() const
+		{ return ip4 ? IPAddr(ip4->ip_src) : IPAddr(ip6->ip6_src); }
+	IPAddr DstAddr() const
+		{ return ip4 ? IPAddr(ip4->ip_dst) : IPAddr(ip6->ip6_dst); }
 
 	//TODO: needs adapting/replacement for IPv6 support
 	uint16 ID4() const	{ return ip4 ? ip4->ip_id : 0; }
@@ -92,8 +90,6 @@ public:
 private:
 	const struct ip* ip4;
 	const struct ip6_hdr* ip6;
-	IPAddr src_addr;
-	IPAddr dst_addr;
 	int del;
 };