Hi Guys!
I've installed a Softether VPN-Server and use it via OpenVPN. It all works fine but my IPv6 seems to leak. What can I do? With Pritunl I had no problem, I could just enable IPv6 to get the Server's IPv6.
But I need a VPN-Server where I can limit the bandwidth, Softether seems to be the only one with that option.
Could you give mit any help?
Thank you very much!
IPv6 Leak?!
-
moatazelmasry
- Posts: 336
- Joined: Sat Aug 15, 2015 7:41 pm
Re: IPv6 Leak?!
Are you talking about memory leak?
Could you please explain how to reproduce this behavior?
Could you please explain how to reproduce this behavior?
-
moatazelmasry
- Posts: 336
- Joined: Sat Aug 15, 2015 7:41 pm
Re: IPv6 Leak?!
Or did you mean Dual stack leage in VPN??
https://tools.ietf.org/html/rfc7359
https://tools.ietf.org/html/rfc7359
-
Sironketchup
- Posts: 3
- Joined: Mon Feb 06, 2017 10:52 am
Re: IPv6 Leak?!
Hi! Thanks for your answers!
I think it's the second one. I got a dual stack Internet connection and when I use the Softether VPN the IPv6 Traffic leaks.
If I use Pritunl (where I activate IPv6) then there is no Traffic leaking, it's just saying there is no IPv6 connection.
I've tried so much, working on this for weeks but can't get that done with Softether. Both use Open VPN.
That's the Pritunl login-log:
Sun Feb 19 16:29:08 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:08 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:08 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:08 2017 UDP link local: (not bound)
Sun Feb 19 16:29:08 2017 UDP link remote: [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:08 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Feb 19 16:29:08 2017 VERIFY OK: depth=1, O=58a9853521232f07f47e74cb, CN=58a9853521232f07f47e74cc
Sun Feb 19 16:29:08 2017 Validating certificate key usage
Sun Feb 19 16:29:08 2017 ++ Certificate has key usage 00a0, expects 00a0
Sun Feb 19 16:29:08 2017 NOTE: --mute triggered...
Sun Feb 19 16:29:08 2017 6 variation(s) on previous 3 message(s) suppressed by --mute
Sun Feb 19 16:29:08 2017 [58a9853521232f07f47e74d4] Peer Connection Initiated with [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:14 2017 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.
Sun Feb 19 16:29:14 2017 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:10: redirect-gateway-ipv6 (2.4.0)
Sun Feb 19 16:29:14 2017 Options error: dhcp-option parameter DNS '2001:4860:4860::8888' must be an IP address
Sun Feb 19 16:29:14 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 19 16:29:14 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:14 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 19 16:29:14 2017 NOTE: --mute triggered...
Sun Feb 19 16:29:14 2017 1 variation(s) on previous 3 message(s) suppressed by --mute
Sun Feb 19 16:29:14 2017 open_tun
Sun Feb 19 16:29:15 2017 TAP-WIN32 device [Ethernet 3] opened: \\.\Global\{16D7686C-E3D9-4D2C-B3F0-F7E15967976D}.tap
Sun Feb 19 16:29:15 2017 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.227.0/192.168.227.2/255.255.255.0 [SUCCEEDED]
Sun Feb 19 16:29:15 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.227.2/255.255.255.0 on interface {16D7686C-E3D9-4D2C-B3F0-F7E15967976D} [DHCP-serv: 192.168.227.254, lease-time: 31536000]
Sun Feb 19 16:29:15 2017 Successful ARP Flush on interface [3] {16D7686C-E3D9-4D2C-B3F0-F7E15967976D}
Sun Feb 19 16:29:15 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Sun Feb 19 16:29:16 2017 NETSH: C:\Windows\system32\netsh.exe interface ipv6 set address interface=3 fd00:c0a8:e300:0:192:168:227:2 store=active
Sun Feb 19 16:29:17 2017 add_route_ipv6(fd00:c0a8:e300::/64 -> fd00:c0a8:e300:0:192:168:227:2 metric 0) dev Ethernet 3
Sun Feb 19 16:29:17 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:17 2017 ERROR: Windows route add ipv6 command failed: returned error code 1
Sun Feb 19 16:29:22 2017 add_route_ipv6(2000::/3 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(::/3 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(2000::/4 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(3000::/4 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(fc00::/7 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:23 2017 Initialization Sequence Completed
Sun Feb 19 16:33:37 2017 delete_route_ipv6(2000::/3)
Sun Feb 19 16:33:37 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:38 2017 delete_route_ipv6(::/3)
Sun Feb 19 16:33:38 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:38 2017 delete_route_ipv6(2000::/4)
Sun Feb 19 16:33:38 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 delete_route_ipv6(3000::/4)
Sun Feb 19 16:33:39 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 delete_route_ipv6(fc00::/7)
Sun Feb 19 16:33:39 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 Closing TUN/TAP interface
Sun Feb 19 16:33:39 2017 delete_route_ipv6(fd00:c0a8:e300:0:192:168:227:2/64)
Sun Feb 19 16:33:39 2017 ERROR: Windows route delete ipv6 command failed: returned error code 1
Sun Feb 19 16:33:39 2017 NETSH: C:\Windows\system32\netsh.exe interface ipv6 delete address Ethernet 3 fd00:c0a8:e300:0:192:168:227:2 store=active
Sun Feb 19 16:33:39 2017 SIGTERM[hard,] received, process exiting
can u help me? Thank you!
I think it's the second one. I got a dual stack Internet connection and when I use the Softether VPN the IPv6 Traffic leaks.
If I use Pritunl (where I activate IPv6) then there is no Traffic leaking, it's just saying there is no IPv6 connection.
I've tried so much, working on this for weeks but can't get that done with Softether. Both use Open VPN.
That's the Pritunl login-log:
Sun Feb 19 16:29:08 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:08 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:08 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:08 2017 UDP link local: (not bound)
Sun Feb 19 16:29:08 2017 UDP link remote: [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:08 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Feb 19 16:29:08 2017 VERIFY OK: depth=1, O=58a9853521232f07f47e74cb, CN=58a9853521232f07f47e74cc
Sun Feb 19 16:29:08 2017 Validating certificate key usage
Sun Feb 19 16:29:08 2017 ++ Certificate has key usage 00a0, expects 00a0
Sun Feb 19 16:29:08 2017 NOTE: --mute triggered...
Sun Feb 19 16:29:08 2017 6 variation(s) on previous 3 message(s) suppressed by --mute
Sun Feb 19 16:29:08 2017 [58a9853521232f07f47e74d4] Peer Connection Initiated with [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:14 2017 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.
Sun Feb 19 16:29:14 2017 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:10: redirect-gateway-ipv6 (2.4.0)
Sun Feb 19 16:29:14 2017 Options error: dhcp-option parameter DNS '2001:4860:4860::8888' must be an IP address
Sun Feb 19 16:29:14 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 19 16:29:14 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:14 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 19 16:29:14 2017 NOTE: --mute triggered...
Sun Feb 19 16:29:14 2017 1 variation(s) on previous 3 message(s) suppressed by --mute
Sun Feb 19 16:29:14 2017 open_tun
Sun Feb 19 16:29:15 2017 TAP-WIN32 device [Ethernet 3] opened: \\.\Global\{16D7686C-E3D9-4D2C-B3F0-F7E15967976D}.tap
Sun Feb 19 16:29:15 2017 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.227.0/192.168.227.2/255.255.255.0 [SUCCEEDED]
Sun Feb 19 16:29:15 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.227.2/255.255.255.0 on interface {16D7686C-E3D9-4D2C-B3F0-F7E15967976D} [DHCP-serv: 192.168.227.254, lease-time: 31536000]
Sun Feb 19 16:29:15 2017 Successful ARP Flush on interface [3] {16D7686C-E3D9-4D2C-B3F0-F7E15967976D}
Sun Feb 19 16:29:15 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Sun Feb 19 16:29:16 2017 NETSH: C:\Windows\system32\netsh.exe interface ipv6 set address interface=3 fd00:c0a8:e300:0:192:168:227:2 store=active
Sun Feb 19 16:29:17 2017 add_route_ipv6(fd00:c0a8:e300::/64 -> fd00:c0a8:e300:0:192:168:227:2 metric 0) dev Ethernet 3
Sun Feb 19 16:29:17 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:17 2017 ERROR: Windows route add ipv6 command failed: returned error code 1
Sun Feb 19 16:29:22 2017 add_route_ipv6(2000::/3 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(::/3 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(2000::/4 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(3000::/4 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(fc00::/7 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:23 2017 Initialization Sequence Completed
Sun Feb 19 16:33:37 2017 delete_route_ipv6(2000::/3)
Sun Feb 19 16:33:37 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:38 2017 delete_route_ipv6(::/3)
Sun Feb 19 16:33:38 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:38 2017 delete_route_ipv6(2000::/4)
Sun Feb 19 16:33:38 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 delete_route_ipv6(3000::/4)
Sun Feb 19 16:33:39 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 delete_route_ipv6(fc00::/7)
Sun Feb 19 16:33:39 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 Closing TUN/TAP interface
Sun Feb 19 16:33:39 2017 delete_route_ipv6(fd00:c0a8:e300:0:192:168:227:2/64)
Sun Feb 19 16:33:39 2017 ERROR: Windows route delete ipv6 command failed: returned error code 1
Sun Feb 19 16:33:39 2017 NETSH: C:\Windows\system32\netsh.exe interface ipv6 delete address Ethernet 3 fd00:c0a8:e300:0:192:168:227:2 store=active
Sun Feb 19 16:33:39 2017 SIGTERM[hard,] received, process exiting
can u help me? Thank you!
-
Sironketchup
- Posts: 3
- Joined: Mon Feb 06, 2017 10:52 am
Re: IPv6 Leak?!
With Softether its says "do_ifconfig, tt->did_ifconfig_ipv6_setup=0" not 1.
How can I change it? :/
How can I change it? :/
-
moatazelmasry
- Posts: 336
- Joined: Sat Aug 15, 2015 7:41 pm
Re: IPv6 Leak?!
hmm, I think
did_ifconfig_ipv6_setup=1
means it failed to setup ipv6
Also the next lines show that SE is failing to add ipv6 routes.
SE is just failing at creating necessarz steps for ipv6. This is acceptable.
Why do you think that the traffic is leaking?
Just to make sure, try to catch the traffic using wireshark while communicating with a website that is using ipv6
did_ifconfig_ipv6_setup=1
means it failed to setup ipv6
Also the next lines show that SE is failing to add ipv6 routes.
SE is just failing at creating necessarz steps for ipv6. This is acceptable.
Why do you think that the traffic is leaking?
Just to make sure, try to catch the traffic using wireshark while communicating with a website that is using ipv6
-
Pandora-Box
- Posts: 26
- Joined: Mon Jan 02, 2017 8:36 pm
Re: IPv6 Leak?!
Hello Sironketchup,
maybe info provided here: https://community.openvpn.net/openvpn/wiki/IPv6 will be of any help?
If you find any solutions, please, let us know.
Good Luck.
P-B
maybe info provided here: https://community.openvpn.net/openvpn/wiki/IPv6 will be of any help?
If you find any solutions, please, let us know.
Good Luck.
P-B
-
thisjun
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: IPv6 Leak?!
Please try L2 mode configuration.