How do you support providing IPv6 connectivity for your VPN, that is, passing IPv6 through the tunnel? I currently have IPv4 going through the tunnel just fine but the IPv6 traffic is bypassing the tunnel. Thanks,
Providing IPv6 connectivity for your VPN, that is, passing IPv6 through the tunnel?
When setting up NEPacketTunnelNetworkSettings try using NEIPv6Settings and NEIPv6Route. Check that your tunnel server and any DNS sever used in NEDNSSettings can support IPv6 as well.
If you can get the network configuration off the ground, you may want to check that traffic is making it to the DNS server or your tunnel server?
I think it would also be worth taking a look at the article for IPv6 Address Synthesis on Older Systems.
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
If you can get the network configuration off the ground, you may want to check that traffic is making it to the DNS server or your tunnel server?
I think it would also be worth taking a look at the article for IPv6 Address Synthesis on Older Systems.
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
Matt, thanks a bunch for the response. These are the NEPacketTunnelNetworkSettings I have on the iOS client side.
Does this look right?
let ipv6Settings = NEIPv6Settings.init(addresses: [<Server IPv6 address>], networkPrefixLengths: [64])
tunnelNetworkSettings.ipv6Settings = ipv6Settings
tunnelNetworkSettings.ipv6Settings?.includedRoutes = [NEIPv6Route(destinationAddress: "::", networkPrefixLength: 64)]
let dns = "8.8.8.8,8.4.4.4,2001:4860:4860::8888" // first two are to support IPv4 and the last one is to support IPv6
let dnsSettings = NEDNSSettings(servers: (dns as! String).components(separatedBy: ","))
// This overrides system DNS settings
dnsSettings.matchDomains = [""]
tunnelNetworkSettings.dnsSettings = dnsSettings
p.s. I also would like to mention that my IPv4 settings work great! I am able to see all the IPv4 traffic go through the tunnel. However, Facetime traffic seems to bypass the tunnel which is what kept me wondering if my IPv6 settings are incorrect? thanks,
Does this look right?
let ipv6Settings = NEIPv6Settings.init(addresses: [<Server IPv6 address>], networkPrefixLengths: [64])
tunnelNetworkSettings.ipv6Settings = ipv6Settings
tunnelNetworkSettings.ipv6Settings?.includedRoutes = [NEIPv6Route(destinationAddress: "::", networkPrefixLength: 64)]
let dns = "8.8.8.8,8.4.4.4,2001:4860:4860::8888" // first two are to support IPv4 and the last one is to support IPv6
let dnsSettings = NEDNSSettings(servers: (dns as! String).components(separatedBy: ","))
// This overrides system DNS settings
dnsSettings.matchDomains = [""]
tunnelNetworkSettings.dnsSettings = dnsSettings
p.s. I also would like to mention that my IPv4 settings work great! I am able to see all the IPv4 traffic go through the tunnel. However, Facetime traffic seems to bypass the tunnel which is what kept me wondering if my IPv6 settings are incorrect? thanks,
My main concern regarding this is: It seems many Apple services such as Push Notifications and FaceTime are never routed through the VPN tunnel, as per Apple policy. Is this true? Can I please get a confirmation on this?
Thanks for reading and taking the time to comment.
Thanks for reading and taking the time to comment.