Hi, I need access over IPv6 to some points. I’d like use pritunl for this. I made EC2 instance in AWS with IPv6 address, install pritunl, enable IPv6 in Server, attach host to server.
I tried to check by http://ipv6test.google.com, but I have message “You don’t have IPv6, but you shouldn’t have problems on websites that add IPv6 support.”
I use server v1.30.3236.80 923e96 and last version of client for macOS.
I did step by step Pritunl Tutorial. Connect to IPv6 over IPv4 with Pritunl | by Pritunl | Pritunl Tutorials | Medium
Can you help me?
It may be a configuration issue on the server. Run
curl https://app6.pritunl.com/ip to verify the server has IPv6 connectivity. The server should have IPv6 enabled in the settings. The routes
::/0 should be shown.
Ok, I did small investigate and looks like it’s problem about working of DNS service in macOS: Name resolution not reconfigured for AAAA when IPv6 active only on VPN link · Issue #490 · Tunnelblick/Tunnelblick · GitHub
IPv6 routing is work, but OS ignore DNS server and can’t resolve AAAA records. It’s strange behavior, I will continue to investirage.
PING6(56=40+8+8 bytes) fd01:a032::10:3:36:14 --> 2603:c020:4009:2d02:b4ca:c6c4:b3df:7b37
16 bytes from 2603:c020:4009:2d02:b4ca:c6c4:b3df:7b37, icmp_seq=0 hlim=46 time=137.027 ms
16 bytes from 2603:c020:4009:2d02:b4ca:c6c4:b3df:7b37, icmp_seq=1 hlim=46 time=203.910 ms
16 bytes from 2603:c020:4009:2d02:b4ca:c6c4:b3df:7b37, icmp_seq=2 hlim=46 time=150.425 ms
16 bytes from 2603:c020:4009:2d02:b4ca:c6c4:b3df:7b37, icmp_seq=3 hlim=46 time=137.592 ms
16 bytes from 2603:c020:4009:2d02:b4ca:c6c4:b3df:7b37, icmp_seq=4 hlim=46 time=159.803 ms
--- app6.pritunl.com ping6 statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 137.027/157.751/203.910/24.594 ms
curl: (6) Could not resolve host: app6.pritunl.com
curl -k 'https://[2603:c020:4009:2d02:b4ca:c6c4:b3df:7b37]/ip' -H 'Host: app6.pritunl.com'
I text news if I can look for something new
It’s me again. I can’t get stable IPv6 connecting.
http://icmpcheckv6.popcount.org/ gives me the error below:
The request timed out. Looks like the ICMP Path MTU message was not delivered to you.
http://test-ipv6.com/ said me:
Danger! IPv6 sorta works - however, large packets appear to fail, giving the appearance of a broken website. If a publisher publishes to IPv6, you will believe their web site to be broken. Ask your ISP about MTU issues; possibly with your tunnel. Check your firewall to make sure that ICMPv6 messages are allowed (in particular, Type 2 or Packet Too Big).
I launched tcpdump, but I didn’t see any message about big MTU. I changed MSS value to 1200, 1280, 1400 but it couldn’t help. I’m at a dead end, any ideas?
That shouldn’t be an issue. If you are using a NAT configuration incoming connections won’t be sent to the client. Outgoing connections should be able to find the correct MTU. AWS doesn’t provide routed subnets so it will need to use NAT.
Ok, what main point, I have website and I’d like to check how it works for my clients who have only IPv6. I setup pritunl with IPv6, but it works strange, sometimes I have lose connection to part of my site (it’s external services where I try to connect), sometimes it works great. Also, another sites have the same situation. I’m not sure that I did all settings right. Unfortunatly I not enought know about IPv6.
Ok, I will continue investigate this question, thaks for answers