From 38d3bf9afa0733245a6b2eb7e149aaed54cddc67 Mon Sep 17 00:00:00 2001 From: s7r Date: Wed, 18 Jan 2023 22:05:09 +0000 Subject: [PATCH] Update FAQ with IPv6 prefix policies for ULA addresses (#1083) * Update FAQ with IPv6 prefix policies for ULA addresses Most operating systems will prefer IPv4 rather than IPv6 ULA, which defeats the purpose of redirect-gateway ipv6. It's nothing the script can do to automate this. --- FAQ.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/FAQ.md b/FAQ.md index 825a9ba..5acd78b 100644 --- a/FAQ.md +++ b/FAQ.md @@ -151,3 +151,25 @@ route 10.0.0.0 255.0.0.0 ``` So for example - here it would route all traffic of `10.0.0.0/8` to the vpn. And the rest through the internet. + +--- + +**Q:** I have enabled IPv6 and my VPN client gets an IPv6 address. Why do I reach the websites or other dual-stacked destionations via IPv4 only? + +**A:** This is because inside the tunnel you don't get a publicly routable IPv6 address, instead you get an ULA (Unlique Local Lan) address. Operating systems don't prefer this all the time. You can fix this in your operating system policies as it's unrelated to the VPN itself: + +Windows (commands needs to run cmd.exe as Administrator): + +``` +netsh interface ipv6 add prefixpolicy fd00::/8 3 1 +``` + +Linux: + +edit `/etc/gai.conf` and uncomment the following line and also change its value to `1`: + +``` +label fc00::/7 1 +``` + +This will not work properly unless you add you your VPN server `server.conf` one or two lines to push at least 1 (one) IPv6 DNS server. Most providers have IPv6 servers as well, add two more lines of `push "dhcp-option DNS "`