Question OpenVPN - - - establishing TCP6 connection ?

[GorgKhan]

This is a VPN, and the connection is established through TCP6.

Its IPv4 is available, while IPv6 is not.


So I have a Ubuntu Server VPS. It has both public IPv4 and IPv6. I installed openvpn by pivpn script.

I don't know how to make the connection to be established through TCP6, and the clients have a public IPv4 like the first and second screenshots.


This is my server.conf

dev tun
proto tcp
port xxxx
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/xxxx.crt
key /etc/openvpn/easy-rsa/pki/private/xxxx.key
dh none
ecdh-curve prime256v1
topology subnet
server 10.200.162.0 255.255.255.0
# Set your primary domain name server address for clients
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
client-config-dir /etc/openvpn/ccd
keepalive 15 120
remote-cert-tls client
tls-version-min 1.2
 tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20

 

[cruisetung]

Not familiar with ipv6, but if you can use ipv4 and if only for personal use, use ZeroTier instead for simplicity.

Performance is also better.

https://medium.com/netmaker/battle-of-the-vpns-which-one-is-fastest-speed-test-21ddc9cd50db

 

[bill001g]

There really is no reason to do this unless you have some shortage of IPv4 addresses.

Your ISP would have to give your home a IPv6 address so you can establish communication with the server using IPv6.

If you need details on how to set the server up you are best off finding a forum with someone who does lots of linux setup. It is likely just routing statement in the IPTABLES but it has been many years since I messed with that so I forget. In effect the vpn tunnel between the 2 locations has the external addresses and a set of internal addresses on the tunnel end point themselves. You then route all the other IP addresses that pass over this connection to these internal end points addresses.

It is the reverse that you see more often and this is not even a vpn issue. You have some server that only has a IPv6 address and want to access it via IPv4. There is a built in tunneling method...not encrypted...that is commonly used.

In general IPv6 is still not really being used. It has been screamed it is the future of the internet since I was doing networking 30 years ago. It is still extremely limited in usage. For whatever reason the ISP have not spent the effort to make IPv6 have as good performance as IPv4. You find suboptimal routing for ipv6 connections sometimes. In addition ipv6 contains the mac address of the internal devices in your house so all the data collectors can now track you even more closely.