IPv6-only flag set on v6 sockets prevents the use of v4-mapped addresses

Development discussion of WireGuard
 help / color / mirror / Atom feed

From: Nathaniel Filardo <nwfilardo@gmail.com>
To: wireguard@lists.zx2c4.com
Cc: Nathaniel Filardo <nwfilardo@gmail.com>
Subject: IPv6-only flag set on v6 sockets prevents the use of v4-mapped addresses
Date: Mon, 22 May 2023 07:48:04 +0100	[thread overview]
Message-ID: <CAKsvP2ZcqUvFD5g6vMxZrv7Z5+YAmoGBAh7zf8iZPPRE6LNEDg@mail.gmail.com> (raw)

Hello wireguard@,

I recently found out that in-Linux wireguard has, since its inception,
set its v6 sockets to v6-only
(https://github.com/torvalds/linux/blob/e7096c131e5161fa3b8e52a650d7719d2857adfd/drivers/net/wireguard/socket.c#L381)
and it keys only off the address family  to decide which socket to use
(https://github.com/torvalds/linux/blob/e7096c131e5161fa3b8e52a650d7719d2857adfd/drivers/net/wireguard/socket.c#L188).
This means that v4-mapped v6 addresses (::ffff:a.b.c.d) can be
registered as peer endpoints, but the kernel very silently won't try
to reach out.  Is that deliberate for some reason that eludes me?  If
it is, could the userspace tooling be educated about v4-mapped
addresses and translate them accordingly before handing them up to the
kernel; if it isn't, could we drop the v6-only flag on the kernel
socket?

Thanks for any input,
--nwf;

next             reply	other threads:[~2023-05-22 10:13 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-05-22  6:48 Nathaniel Filardo [this message]
2023-08-19  7:22 ` Daniel Gröber
2023-08-19 16:34   ` Nathaniel Filardo
2023-08-19 19:16     ` Daniel Gröber

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAKsvP2ZcqUvFD5g6vMxZrv7Z5+YAmoGBAh7zf8iZPPRE6LNEDg@mail.gmail.com \
    --to=nwfilardo@gmail.com \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).