Development discussion of WireGuard
 help / color / mirror / Atom feed
* Re: wireguard android don't prefer IPV6 endpoint
       [not found] <ead64d0f-af1e-8d5c-3d87-ed14902c5e1e@pregonetwork.net>
@ 2021-01-02  8:27 ` Jérémy Prego
  2021-01-03 13:48   ` Harsh Shandilya
  0 siblings, 1 reply; 6+ messages in thread
From: Jérémy Prego @ 2021-01-02  8:27 UTC (permalink / raw)
  To: wireguard, team

I confirm the same problem in wifi

Le 27/12/2020 à 07:02, Jérémy Prego a écrit :
> hello,
>
> I've always encountered a bug with android wireguard when using an ipv4
> / ipv6 endpoint.
>
> I tested with two phones:
> Huawei p10 lite android 8.0 emui 8
> Xiaomi poco m3 android 10.0 miui 12
>
> When i'm in LTE (not yet been able to test in wifi), wireguard connects
> to the endpoint in ipv4 and not in ipv6, and i don't understand why it
> is doing that.
> However, chrome, for example, does use ipv6 by default and not ipv4.
>
> My phone does recover an ipv6 in 2a01: cb1a ........ / 64 and not an
> ipv6 type fc00 / fd00 / fe80 ...
> I also specify that if I only have an AAAA record, the tunnel works fine
> in ipv6. but suddenly, I can no longer connect to wifi which only have ipv4.
>
> I would like wireguard to favor ipv6 when it is available, and otherwise
> switch to ipv4.
>
> Is it possible ?
>
> Thanks,
>
> Jerem


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: wireguard android don't prefer IPV6 endpoint
  2021-01-02  8:27 ` wireguard android don't prefer IPV6 endpoint Jérémy Prego
@ 2021-01-03 13:48   ` Harsh Shandilya
  2021-01-03 15:58     ` Jérémy Prego
  0 siblings, 1 reply; 6+ messages in thread
From: Harsh Shandilya @ 2021-01-03 13:48 UTC (permalink / raw)
  To: Jérémy Prego; +Cc: wireguard, team

Hey Jérémy,

On 2021-01-02 08:27, Jérémy Prego wrote:
> I confirm the same problem in wifi
> 
> Le 27/12/2020 à 07:02, Jérémy Prego a écrit :
>> hello,
>> 
>> I've always encountered a bug with android wireguard when using an 
>> ipv4
>> / ipv6 endpoint.
>> 
>> I tested with two phones:
>> Huawei p10 lite android 8.0 emui 8
>> Xiaomi poco m3 android 10.0 miui 12
>> 
>> When i'm in LTE (not yet been able to test in wifi), wireguard 
>> connects
>> to the endpoint in ipv4 and not in ipv6, and i don't understand why it
>> is doing that.

The WireGuard Android client is designed to prefer IPv4 over IPv6 as of 
now 
(https://git.zx2c4.com/wireguard-android/tree/tunnel/src/main/java/com/wireguard/config/InetEndpoint.java#n97). 
This may or may not change in the future, and we'll announce here if it 
does.

>> However, chrome, for example, does use ipv6 by default and not ipv4.
>> 
>> My phone does recover an ipv6 in 2a01: cb1a ........ / 64 and not an
>> ipv6 type fc00 / fd00 / fe80 ...
>> I also specify that if I only have an AAAA record, the tunnel works 
>> fine
>> in ipv6. but suddenly, I can no longer connect to wifi which only have 
>> ipv4.
>> 
>> I would like wireguard to favor ipv6 when it is available, and 
>> otherwise
>> switch to ipv4.
>> 
>> Is it possible ?
>> 
>> Thanks,
>> 
>> Jerem

Cheers,
Harsh

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: wireguard android don't prefer IPV6 endpoint
  2021-01-03 13:48   ` Harsh Shandilya
@ 2021-01-03 15:58     ` Jérémy Prego
  2021-01-03 16:44       ` Harsh Shandilya
  2021-09-26 11:02       ` Jérémy Prego
  0 siblings, 2 replies; 6+ messages in thread
From: Jérémy Prego @ 2021-01-03 15:58 UTC (permalink / raw)
  To: Harsh Shandilya; +Cc: wireguard, team

hello Harsh,

> The WireGuard Android client is designed to prefer IPv4 over IPv6 as
> of now
why did you make this choice? is there a known bug with ipv6? I think it
would be useful to put an option in the wireguard application, so that
we can choose.

if I want to use an ipv6 tunnel, do I have another solution than to
create 2 tunels, one in ipv6 only, and another in ipv4 in order to be
able to use ipv6 when available and ipv4 when the place where i am has
no ipv6?

I did not manage to add 2 endpoint in a single tunnel to put an endpoint
only ipv6 and another endpoint ipv4 / ipv6 to bypass the problem

thanks,

Jerem
Le 03/01/2021 à 14:48, Harsh Shandilya a écrit :
> Hey Jérémy,
>
> On 2021-01-02 08:27, Jérémy Prego wrote:
>> I confirm the same problem in wifi
>>
>> Le 27/12/2020 à 07:02, Jérémy Prego a écrit :
>>> hello,
>>>
>>> I've always encountered a bug with android wireguard when using an ipv4
>>> / ipv6 endpoint.
>>>
>>> I tested with two phones:
>>> Huawei p10 lite android 8.0 emui 8
>>> Xiaomi poco m3 android 10.0 miui 12
>>>
>>> When i'm in LTE (not yet been able to test in wifi), wireguard connects
>>> to the endpoint in ipv4 and not in ipv6, and i don't understand why it
>>> is doing that.
>
> The WireGuard Android client is designed to prefer IPv4 over IPv6 as
> of now
> (https://git.zx2c4.com/wireguard-android/tree/tunnel/src/main/java/com/wireguard/config/InetEndpoint.java#n97).
> This may or may not change in the future, and we'll announce here if
> it does.
>
>>> However, chrome, for example, does use ipv6 by default and not ipv4.
>>>
>>> My phone does recover an ipv6 in 2a01: cb1a ........ / 64 and not an
>>> ipv6 type fc00 / fd00 / fe80 ...
>>> I also specify that if I only have an AAAA record, the tunnel works
>>> fine
>>> in ipv6. but suddenly, I can no longer connect to wifi which only
>>> have ipv4.
>>>
>>> I would like wireguard to favor ipv6 when it is available, and
>>> otherwise
>>> switch to ipv4.
>>>
>>> Is it possible ?
>>>
>>> Thanks,
>>>
>>> Jerem
>
> Cheers,
> Harsh


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: wireguard android don't prefer IPV6 endpoint
  2021-01-03 15:58     ` Jérémy Prego
@ 2021-01-03 16:44       ` Harsh Shandilya
  2021-09-26 11:02       ` Jérémy Prego
  1 sibling, 0 replies; 6+ messages in thread
From: Harsh Shandilya @ 2021-01-03 16:44 UTC (permalink / raw)
  To: Jérémy Prego; +Cc: wireguard, team, Jason


Hey Jérémy,

On 2021-01-03 15:58, Jérémy Prego wrote:
> hello Harsh,
> 
>> The WireGuard Android client is designed to prefer IPv4 over IPv6 as
>> of now
> why did you make this choice? is there a known bug with ipv6? I think 
> it
> would be useful to put an option in the wireguard application, so that
> we can choose.

Seems like the origin of this behavior is this[1] commit that cites 
issues with DNS64. I've CC'ed Jason who originally wrote the commit and 
should have better insight into it.

> 
> if I want to use an ipv6 tunnel, do I have another solution than to
> create 2 tunels, one in ipv6 only, and another in ipv4 in order to be
> able to use ipv6 when available and ipv4 when the place where i am has
> no ipv6?

I believe that's the way as of now, yes.

> 
> I did not manage to add 2 endpoint in a single tunnel to put an 
> endpoint
> only ipv6 and another endpoint ipv4 / ipv6 to bypass the problem
> 
> thanks,
> 
> Jerem
> Le 03/01/2021 à 14:48, Harsh Shandilya a écrit :
>> Hey Jérémy,
>> 
>> On 2021-01-02 08:27, Jérémy Prego wrote:
>>> I confirm the same problem in wifi
>>> 
>>> Le 27/12/2020 à 07:02, Jérémy Prego a écrit :
>>>> hello,
>>>> 
>>>> I've always encountered a bug with android wireguard when using an 
>>>> ipv4
>>>> / ipv6 endpoint.
>>>> 
>>>> I tested with two phones:
>>>> Huawei p10 lite android 8.0 emui 8
>>>> Xiaomi poco m3 android 10.0 miui 12
>>>> 
>>>> When i'm in LTE (not yet been able to test in wifi), wireguard 
>>>> connects
>>>> to the endpoint in ipv4 and not in ipv6, and i don't understand why 
>>>> it
>>>> is doing that.
>> 
>> The WireGuard Android client is designed to prefer IPv4 over IPv6 as
>> of now
>> (https://git.zx2c4.com/wireguard-android/tree/tunnel/src/main/java/com/wireguard/config/InetEndpoint.java#n97).
>> This may or may not change in the future, and we'll announce here if
>> it does.
>> 
>>>> However, chrome, for example, does use ipv6 by default and not ipv4.
>>>> 
>>>> My phone does recover an ipv6 in 2a01: cb1a ........ / 64 and not an
>>>> ipv6 type fc00 / fd00 / fe80 ...
>>>> I also specify that if I only have an AAAA record, the tunnel works
>>>> fine
>>>> in ipv6. but suddenly, I can no longer connect to wifi which only
>>>> have ipv4.
>>>> 
>>>> I would like wireguard to favor ipv6 when it is available, and
>>>> otherwise
>>>> switch to ipv4.
>>>> 
>>>> Is it possible ?
>>>> 
>>>> Thanks,
>>>> 
>>>> Jerem
>> 
>> Cheers,
>> Harsh

1: 
https://git.zx2c4.com/wireguard-android/commit/?h=c23d58bc27cf9807fc3405c8c99cc67cf4b21f25

Cheers,
Harsh

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: wireguard android don't prefer IPV6 endpoint
  2021-01-03 15:58     ` Jérémy Prego
  2021-01-03 16:44       ` Harsh Shandilya
@ 2021-09-26 11:02       ` Jérémy Prego
  2021-09-26 11:50         ` tlhackque
  1 sibling, 1 reply; 6+ messages in thread
From: Jérémy Prego @ 2021-09-26 11:02 UTC (permalink / raw)
  To: wireguard; +Cc: team

Hello,

I think it is useful that I revive this topic.

is it possible to add an option so that i can use an ipv4 / ipv6 
endpoint but using ipv6 by default when available?

With the shortage of ipv4, internet operators now very often provide 
subscribers with native ipv6 but ipv4 in tunnel, hence the performance 
of the wireguard tunnel is affected by this, as it uses ipv4 by default.

if this is not possible in the official client, which wireguard client 
would allow me to have this behavior?

Thanks,

Jerem
Le 03/01/2021 à 16:58, Jérémy Prego a écrit :
> hello Harsh,
>
>> The WireGuard Android client is designed to prefer IPv4 over IPv6 as
>> of now
> why did you make this choice? is there a known bug with ipv6? I think it
> would be useful to put an option in the wireguard application, so that
> we can choose.
>
> if I want to use an ipv6 tunnel, do I have another solution than to
> create 2 tunels, one in ipv6 only, and another in ipv4 in order to be
> able to use ipv6 when available and ipv4 when the place where i am has
> no ipv6?
>
> I did not manage to add 2 endpoint in a single tunnel to put an endpoint
> only ipv6 and another endpoint ipv4 / ipv6 to bypass the problem
>
> thanks,
>
> Jerem
> Le 03/01/2021 à 14:48, Harsh Shandilya a écrit :
>> Hey Jérémy,
>>
>> On 2021-01-02 08:27, Jérémy Prego wrote:
>>> I confirm the same problem in wifi
>>>
>>> Le 27/12/2020 à 07:02, Jérémy Prego a écrit :
>>>> hello,
>>>>
>>>> I've always encountered a bug with android wireguard when using an ipv4
>>>> / ipv6 endpoint.
>>>>
>>>> I tested with two phones:
>>>> Huawei p10 lite android 8.0 emui 8
>>>> Xiaomi poco m3 android 10.0 miui 12
>>>>
>>>> When i'm in LTE (not yet been able to test in wifi), wireguard connects
>>>> to the endpoint in ipv4 and not in ipv6, and i don't understand why it
>>>> is doing that.
>> The WireGuard Android client is designed to prefer IPv4 over IPv6 as
>> of now
>> (https://git.zx2c4.com/wireguard-android/tree/tunnel/src/main/java/com/wireguard/config/InetEndpoint.java#n97).
>> This may or may not change in the future, and we'll announce here if
>> it does.
>>
>>>> However, chrome, for example, does use ipv6 by default and not ipv4.
>>>>
>>>> My phone does recover an ipv6 in 2a01: cb1a ........ / 64 and not an
>>>> ipv6 type fc00 / fd00 / fe80 ...
>>>> I also specify that if I only have an AAAA record, the tunnel works
>>>> fine
>>>> in ipv6. but suddenly, I can no longer connect to wifi which only
>>>> have ipv4.
>>>>
>>>> I would like wireguard to favor ipv6 when it is available, and
>>>> otherwise
>>>> switch to ipv4.
>>>>
>>>> Is it possible ?
>>>>
>>>> Thanks,
>>>>
>>>> Jerem
>> Cheers,
>> Harsh


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: wireguard android don't prefer IPV6 endpoint
  2021-09-26 11:02       ` Jérémy Prego
@ 2021-09-26 11:50         ` tlhackque
  0 siblings, 0 replies; 6+ messages in thread
From: tlhackque @ 2021-09-26 11:50 UTC (permalink / raw)
  To: wireguard

On 26-Sep-21 07:02, Jérémy Prego wrote:
> Hello,
>
> I think it is useful that I revive this topic.
>
> is it possible to add an option so that i can use an ipv4 / ipv6
> endpoint but using ipv6 by default when available?
>
> With the shortage of ipv4, internet operators now very often provide
> subscribers with native ipv6 but ipv4 in tunnel, hence the performance
> of the wireguard tunnel is affected by this, as it uses ipv4 by default.
>
> if this is not possible in the official client, which wireguard client
> would allow me to have this behavior?
>
> Thanks,
>
> Jerem
> Le 03/01/2021 à 16:58, Jérémy Prego a écrit :
>> hello Harsh,
>>
>>> The WireGuard Android client is designed to prefer IPv4 over IPv6 as
>>> of now
>> why did you make this choice? is there a known bug with ipv6? I think it
>> would be useful to put an option in the wireguard application, so that
>> we can choose.
>>
>> if I want to use an ipv6 tunnel, do I have another solution than to
>> create 2 tunels, one in ipv6 only, and another in ipv4 in order to be
>> able to use ipv6 when available and ipv4 when the place where i am has
>> no ipv6?
>>
>> I did not manage to add 2 endpoint in a single tunnel to put an endpoint
>> only ipv6 and another endpoint ipv4 / ipv6 to bypass the problem
>>
>> thanks,
>>
>> Jerem
>> Le 03/01/2021 à 14:48, Harsh Shandilya a écrit :
>>> Hey Jérémy,
>>>
>>> On 2021-01-02 08:27, Jérémy Prego wrote:
>>>> I confirm the same problem in wifi
>>>>
>>>> Le 27/12/2020 à 07:02, Jérémy Prego a écrit :
>>>>> hello,
>>>>>
>>>>> I've always encountered a bug with android wireguard when using an
>>>>> ipv4
>>>>> / ipv6 endpoint.
>>>>>
>>>>> I tested with two phones:
>>>>> Huawei p10 lite android 8.0 emui 8
>>>>> Xiaomi poco m3 android 10.0 miui 12
>>>>>
>>>>> When i'm in LTE (not yet been able to test in wifi), wireguard
>>>>> connects
>>>>> to the endpoint in ipv4 and not in ipv6, and i don't understand
>>>>> why it
>>>>> is doing that.
>>> The WireGuard Android client is designed to prefer IPv4 over IPv6 as
>>> of now
>>> (https://git.zx2c4.com/wireguard-android/tree/tunnel/src/main/java/com/wireguard/config/InetEndpoint.java#n97).
>>>
>>> This may or may not change in the future, and we'll announce here if
>>> it does.
>>>
>>>>> However, chrome, for example, does use ipv6 by default and not ipv4.
>>>>>
>>>>> My phone does recover an ipv6 in 2a01: cb1a ........ / 64 and not an
>>>>> ipv6 type fc00 / fd00 / fe80 ...
>>>>> I also specify that if I only have an AAAA record, the tunnel works
>>>>> fine
>>>>> in ipv6. but suddenly, I can no longer connect to wifi which only
>>>>> have ipv4.
>>>>>
>>>>> I would like wireguard to favor ipv6 when it is available, and
>>>>> otherwise
>>>>> switch to ipv4.
>>>>>
>>>>> Is it possible ?
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Jerem
>>> Cheers,
>>> Harsh
>
I agree that it should be selectable - but note that there are many
inverse situations, where IPv6 is tunneled and IPv4 is direct.  There
are still ISPs (including half of mine) that will not provide end users
with an IPv6 native connection. 

This is a bit difficult, since the situation can occur at both the
client and server end.  For the server end, if the client knows what's
best for the server, the tunnel configuration could be set to prefer the
best protocol.  But for a roaming client, it's not so easy.  E.g. Using
Cellphone wireless is almost always IPv6, but if connected via WiFi,
it's almost always IPv4.  And if you plug your portable machine into a
client's ethernet, you don't know what you'll get (or whether its
connection is tunneled).

So if the client does anything, it probably needs a 3-way switch: "Use
IPv4", "Use IPv6", "Autoselect".  (Or if you really want to complicate
things, you could break Autoselect into Auto-prefer IPv4 and Auto-prefer
IPv6.)  While this makes sense to technical people, it's not obvious
that the performance difference is worth exposing the complication to
all users.

Since there's also the issue of which DNS servers to use when resolving
the endpoint name - perhaps it's time for an "advanced" sub-panel of
options in the GUI.  Keeping things simple for the casual/first-time
user is a strength of WireGuard.

For what it's worth, you can specify a numeric IP address to force IPv6
- e.g. [2001:db8::1234]:5522

Of course, that doesn't work if your endpoint address is dynamic & you
need the DNS lookup.

With respect to Chrome - last I knew, it uses the "Happy Eyeballs"
(RFC6555/8305) algorithm, which tries to prefer IPv6.  And there's
no(longer) any way to influence it in Chrome.

Basic address selection is up to the OS - see rfc6724, 3484.  Most
provide a way to specify a global preference - which in the situation
you described, you probably want to do when not tunneled.  E.g. for
glib-based systems, see /etc/gai.conf, and for windows see the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\
registry key.

If you control the endpoint, another approach is to add a DNS record
that only returns the AAAA record (for the IPv6) address, e.g.
endpoint.v6.example.net.  For situations like this, I often have three
address records - the generic host.example.net, and host.v6.example.net
and host.v4.example.net.  But I try not to expose the latter two.

I wish things were simpler...





^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2021-09-26 11:50 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <ead64d0f-af1e-8d5c-3d87-ed14902c5e1e@pregonetwork.net>
2021-01-02  8:27 ` wireguard android don't prefer IPV6 endpoint Jérémy Prego
2021-01-03 13:48   ` Harsh Shandilya
2021-01-03 15:58     ` Jérémy Prego
2021-01-03 16:44       ` Harsh Shandilya
2021-09-26 11:02       ` Jérémy Prego
2021-09-26 11:50         ` tlhackque

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).