Re: Request to change IPv4 preference - mobile apps

From: Nico Schottelius <nico.schottelius@ungleich.ch>
To: Will Tisdale <will@z3n.uk>
Cc: wireguard@lists.zx2c4.com
Subject: Re: Request to change IPv4 preference - mobile apps
Date: Wed, 08 May 2019 11:18:50 +0200	[thread overview]
Message-ID: <87k1f1tibp.fsf@line.ungleich.ch> (raw)
In-Reply-To: <CAFWLA-WB4hv_Y=0gnnQ=3UeJ1av0GQWg1=DQ+jMZfyuCBnJUbg@mail.gmail.com>

Hey Will,

even though I do prefer IPv6, the approach that you describe has been
shown to be rather error prone and is one of the reasons, why people
turn off IPv6 at the moment.

So in my opinion, using happy eyeballs would be the proper way of
handling the matter, as it gives users the best experience and has
proven to be working for browsers.

In terms of "flinging packets": there is at maximum 2 packets in this
state, as can be seen in the following diagram:

client -----> [v6] -----> server
       -----> [v4] ----->

client <----- [v6] <----- server
       <----- [v4] <-----

Τhen the client continues to use either of both protocols, let's say
ipv6 was faster in answering:

client -----> [v6] -----> server
client <----- [v6] <----- server
...

I don't think this any realistic problem, we are talking about a few
bytes per session / reconnect, not a generic overhead.

Best,

Nico

Will Tisdale <will@z3n.uk> writes:

> Hi Nico,
>
> Not sure how that would work with WireGuard being a stateless protocol.
> It also sounds a bit racey given that both v4 and v6 addresses would be
> flinging packets at essentially the same endpoint.
>
> I think the ‘proper’ way is to use the address returned in the AAAA record
> if one exists. If people’s setup is so broken that it becomes an issue,
> they
> will likely have worse issues than WG not working. :)
>
> Preferring v4 does weird things like WG using DNS64 addresses over real
> v6 addresses too - and using NAT64 instead of native v6 is really broken
> behaviour.
>
>
> Cheers,
>
>
> -Will
>
> On Mon, 6 May 2019 at 21:57, Nico Schottelius <nico.schottelius@ungleich.ch>
> wrote:
>
>>
>> Hey Will,
>>
>> I think the "proper" way to handle this is by using the happy eyeballs
>> algorithm: resolve AAAA and A, connect to both, use whatever answers
>> first.
>>
>> Best,
>>
>> Nico
>>
>> Will Tisdale <will@z3n.uk> writes:
>>
>> > Hello,
>> >
>> > I sent a message to the list about weirdness with IPv4 being preferred
>> > over IPv6 in the iOS app a few days ago, but it didn't get there for
>> > whatever reason.
>> >
>> > I've since done a bit of digging through the code and found that
>> > preferring IPv4 is intentional, and it's also implemented that way on
>> > the Android app too.
>> >
>> > It seems a shame to hobble native IPv6 support for everyone just to
>> > work around some peoples misconfigured setups.
>> >
>> > My suggestion/request would be to change the apps to prefer IPv6 as
>> > default, but add a switch to the apps to disable IPv6 or prefer IPv4
>> > for those with broken setups.
>> >
>> > Does that seem reasonable?
>> >
>> >
>> > Cheers,
>> >
>> >
>> > -Will
>> > _______________________________________________
>> > WireGuard mailing list
>> > WireGuard@lists.zx2c4.com
>> > https://lists.zx2c4.com/mailman/listinfo/wireguard
>>
>>
>> --
>> Your Swiss, Open Source and IPv6 Virtual Machine. Now on
>> www.datacenterlight.ch.
>>

--
Your Swiss, Open Source and IPv6 Virtual Machine. Now on www.datacenterlight.ch.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard