SoftEther VPN User Forum

SoftEther VPN User Forum
https://forum.vpngate.net/

IPv6 Leak?!

https://forum.vpngate.net/viewtopic.php?f=7&t=7327

Page 1 of 1

IPv6 Leak?!

Posted: Mon Feb 06, 2017 11:28 am
by Sironketchup
Hi Guys!

I've installed a Softether VPN-Server and use it via OpenVPN. It all works fine but my IPv6 seems to leak. What can I do? With Pritunl I had no problem, I could just enable IPv6 to get the Server's IPv6.
But I need a VPN-Server where I can limit the bandwidth, Softether seems to be the only one with that option.

Could you give mit any help?

Thank you very much!

Re: IPv6 Leak?!

Posted: Mon Feb 06, 2017 1:46 pm
by moatazelmasry
Are you talking about memory leak?

Could you please explain how to reproduce this behavior?

Re: IPv6 Leak?!

Posted: Mon Feb 06, 2017 1:58 pm
by moatazelmasry
Or did you mean Dual stack leage in VPN??
https://tools.ietf.org/html/rfc7359

Re: IPv6 Leak?!

Posted: Mon Feb 20, 2017 10:05 am
by Sironketchup
Hi! Thanks for your answers!
I think it's the second one. I got a dual stack Internet connection and when I use the Softether VPN the IPv6 Traffic leaks.
If I use Pritunl (where I activate IPv6) then there is no Traffic leaking, it's just saying there is no IPv6 connection.
I've tried so much, working on this for weeks but can't get that done with Softether. Both use Open VPN.
That's the Pritunl login-log:
Sun Feb 19 16:29:08 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:08 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:08 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:08 2017 UDP link local: (not bound)
Sun Feb 19 16:29:08 2017 UDP link remote: [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:08 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Feb 19 16:29:08 2017 VERIFY OK: depth=1, O=58a9853521232f07f47e74cb, CN=58a9853521232f07f47e74cc
Sun Feb 19 16:29:08 2017 Validating certificate key usage
Sun Feb 19 16:29:08 2017 ++ Certificate has key usage 00a0, expects 00a0
Sun Feb 19 16:29:08 2017 NOTE: --mute triggered...
Sun Feb 19 16:29:08 2017 6 variation(s) on previous 3 message(s) suppressed by --mute
Sun Feb 19 16:29:08 2017 [58a9853521232f07f47e74d4] Peer Connection Initiated with [AF_INET]188.209.52.96:10789
Sun Feb 19 16:29:14 2017 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.
Sun Feb 19 16:29:14 2017 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:10: redirect-gateway-ipv6 (2.4.0)
Sun Feb 19 16:29:14 2017 Options error: dhcp-option parameter DNS '2001:4860:4860::8888' must be an IP address
Sun Feb 19 16:29:14 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 19 16:29:14 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 19 16:29:14 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 19 16:29:14 2017 NOTE: --mute triggered...
Sun Feb 19 16:29:14 2017 1 variation(s) on previous 3 message(s) suppressed by --mute
Sun Feb 19 16:29:14 2017 open_tun
Sun Feb 19 16:29:15 2017 TAP-WIN32 device [Ethernet 3] opened: \\.\Global\{16D7686C-E3D9-4D2C-B3F0-F7E15967976D}.tap
Sun Feb 19 16:29:15 2017 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.227.0/192.168.227.2/255.255.255.0 [SUCCEEDED]
Sun Feb 19 16:29:15 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.227.2/255.255.255.0 on interface {16D7686C-E3D9-4D2C-B3F0-F7E15967976D} [DHCP-serv: 192.168.227.254, lease-time: 31536000]
Sun Feb 19 16:29:15 2017 Successful ARP Flush on interface [3] {16D7686C-E3D9-4D2C-B3F0-F7E15967976D}
Sun Feb 19 16:29:15 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Sun Feb 19 16:29:16 2017 NETSH: C:\Windows\system32\netsh.exe interface ipv6 set address interface=3 fd00:c0a8:e300:0:192:168:227:2 store=active
Sun Feb 19 16:29:17 2017 add_route_ipv6(fd00:c0a8:e300::/64 -> fd00:c0a8:e300:0:192:168:227:2 metric 0) dev Ethernet 3
Sun Feb 19 16:29:17 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:17 2017 ERROR: Windows route add ipv6 command failed: returned error code 1
Sun Feb 19 16:29:22 2017 add_route_ipv6(2000::/3 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(::/3 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(2000::/4 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(3000::/4 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:22 2017 add_route_ipv6(fc00::/7 -> fd00:c0a8:e300::1 metric -1) dev Ethernet 3
Sun Feb 19 16:29:22 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:29:23 2017 Initialization Sequence Completed
Sun Feb 19 16:33:37 2017 delete_route_ipv6(2000::/3)
Sun Feb 19 16:33:37 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:38 2017 delete_route_ipv6(::/3)
Sun Feb 19 16:33:38 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:38 2017 delete_route_ipv6(2000::/4)
Sun Feb 19 16:33:38 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 delete_route_ipv6(3000::/4)
Sun Feb 19 16:33:39 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 delete_route_ipv6(fc00::/7)
Sun Feb 19 16:33:39 2017 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Sun Feb 19 16:33:39 2017 Closing TUN/TAP interface
Sun Feb 19 16:33:39 2017 delete_route_ipv6(fd00:c0a8:e300:0:192:168:227:2/64)
Sun Feb 19 16:33:39 2017 ERROR: Windows route delete ipv6 command failed: returned error code 1
Sun Feb 19 16:33:39 2017 NETSH: C:\Windows\system32\netsh.exe interface ipv6 delete address Ethernet 3 fd00:c0a8:e300:0:192:168:227:2 store=active
Sun Feb 19 16:33:39 2017 SIGTERM[hard,] received, process exiting

can u help me? Thank you!

Re: IPv6 Leak?!

Posted: Mon Feb 20, 2017 10:11 am
by Sironketchup
With Softether its says "do_ifconfig, tt->did_ifconfig_ipv6_setup=0" not 1.
How can I change it? :/

Re: IPv6 Leak?!

Posted: Thu Feb 23, 2017 9:51 pm
by moatazelmasry
hmm, I think
did_ifconfig_ipv6_setup=1
means it failed to setup ipv6

Also the next lines show that SE is failing to add ipv6 routes.

SE is just failing at creating necessarz steps for ipv6. This is acceptable.

Why do you think that the traffic is leaking?
Just to make sure, try to catch the traffic using wireshark while communicating with a website that is using ipv6

Re: IPv6 Leak?!

Posted: Fri Feb 24, 2017 2:32 pm
by Pandora-Box
Hello Sironketchup,
maybe info provided here: https://community.openvpn.net/openvpn/wiki/IPv6 will be of any help?
If you find any solutions, please, let us know.
Good Luck.
P-B

Re: IPv6 Leak?!

Posted: Wed Mar 08, 2017 6:44 am
by thisjun
Please try L2 mode configuration.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/