Hello, I understood that wireguard prefers ipv6 over ipv4 by default. Nevertheless, on both Windows and Android I do not get a connection (only sent bytes no received bytes) when using my domain (friedel.dynv6.net). If I use the IP (2a00:6020:1bfb:c700:ba27:ebff:fe3e:6c55), I get a normal connection. I can imagine that WG uses ipv4 (the A-record is set, I cannot change that, but it points to an invalid ip) How can I -when using the domain- enforce that ipv6 is really used? Apart from that, my suspicion is that ipv4 is in fact used here... How can I really find out, why I get no bytes on the received counter? Best regards, Hendrik
17.04.2022 10:20:03 Hendrik Friedel <hendrik@friedels.name>:
> Hello,
>
> I understood that wireguard prefers ipv6 over ipv4 by default.
> Nevertheless, on both Windows and Android I do not get a connection (only sent bytes no received bytes) when using my domain (friedel.dynv6.net). If I use the IP (2a00:6020:1bfb:c700:ba27:ebff:fe3e:6c55), I get a normal connection.
> I can imagine that WG uses ipv4 (the A-record is set, I cannot change that, but it points to an invalid ip)
>
> How can I -when using the domain- enforce that ipv6 is really used?
>
> Apart from that, my suspicion is that ipv4 is in fact used here... How can I really find out, why I get no bytes on the received counter?
>
> Best regards,
> Hendrik
Hi Hendrik,
the WireGuard mobile apps prefer IPv4 for connecting to the peer, since this helps roaming between networks (where many are still IPv4-only). If the A record of the Endpoint domain is broken, it won't work.
If you want to force an IPv6 transport, you either need to put a raw IPv6 address into Endpoint, or use an AAAA-only domain.
Hope this helps,
Kilian
Hello Kilian, thanks for your reply. >the WireGuard mobile apps prefer IPv4 for connecting to the peer, since this helps roaming between networks (where many are still IPv4-only). understood. Is that documented somewhere? For the Windows-Client, I did read somewhere that ipv6 is preferred. I find it inconsistent, that the clients behave differently. >If you want to force an IPv6 transport, you either need to put a raw IPv6 address into Endpoint, or use an AAAA-only domain Intuitively, I tried [my.domain.com]:51280 in order to enforce ipv6 (just like ipv6 adresses are enclosed in []. Would that not be an enhancement to the app? Best regards, Hendrik >