ipv6 bug #55

Open
nimaisox opened this issue Mar 8, 2024 · 15 comments

@nimaisox

nimaisox commented Mar 8, 2024

hi
Thank you for making this software
I tested this configuration on Wireguard Client and WireSock Client on two systems
The first system has IPv6 link-local
The second system did not have IPv6 link-local
My Wireguard server has both IPv6 and IPv4
But clients do not have IPv6
The WireSock client and Wireguard work fine on the first system, but on the second system Wireguard client works but WireSock client does not work.
However, on the second system, the Wireguard client works but does not output IPv6, which is true.

(Server config)
[Interface]
Address = 10.0.0.1,2001:db8:85a3::2
PrivateKey = CHOv74+mOOg9Fd4kHrnLr57S6iMx+nyGo9D61Xh7O0A=
ListenPort = 2053
PostUp = iptables -I INPUT -p udp --dport 2053 -j ACCEPT; iptables -I FORWARD -i eth0 -o wg0 -j ACCEPT; iptables -I FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -I FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D INPUT -p udp --dport 2053 -j ACCEPT; iptables -D FORWARD -i eth0 -o wg0 -j ACCEPT; iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = G2YLItlOhvs6h/2PPIDkhyGqCy/TrTz8uqLBZyHIxyg=
PresharedKey = j8egA3/ejBInrTDqOyx5tfwdxmyw/zzgOUJIJyAHiQ4=
AllowedIPs = 10.0.7.209,2001:db8:85a3::7d1

(Client Config)
[Interface]
PrivateKey = wDFNe/mlnJcxEnsLE6YocHcx4BT4YIQrQeRb6hcAaks=
Address = 10.0.7.209/16,2001:db8:85a3::7d1/48
DNS = 8.8.8.8,8.8.4.4,2001:4860:4860::8888,2001:4860:4860::8844

[Peer]
PublicKey = NHfiDfIF9QnBCEGbv3XSiXgwAhQzr/pdXhvOYQvFAxQ=
PresharedKey = j8egA3/ejBInrTDqOyx5tfwdxmyw/zzgOUJIJyAHiQ4=
Endpoint = Myserver:2053
AllowedIPs = 0.0.0.0/0,::/0

I hope I have explained well :)

@wiresock
Owner

wiresock commented Mar 9, 2024

Do you operate WireSock with administrative privileges, or as a standard user? Also, do you employ Transparent or Virtual Adapter mode?

Running WireSock as a standard user imposes certain limitations due to insufficient privileges, particularly in assigning IP addresses to the network interface. For instance, in Transparent mode, if your default network interface lacks an IPv6 address, WireSock typically tries to assign one from the WireGuard configuration. However, without administrative rights, WireSock is unable to perform this action.

@nimaisox
Author

nimaisox commented Mar 9, 2024

Administrator
I tested both, there was no difference
Traffic is exchanged, but when I search for a site, it does not come up, or it gives a connection error, or I search in Google.

@wiresock
Owner

wiresock commented Mar 9, 2024

Please provide a detailed log from the system experiencing the issue. Additionally, the output of the ipconfig command and pcap files gathered by WireSock with -log-level all would be helpful.

@nimaisox
Author

nimaisox commented Mar 9, 2024

Can I email you the logs?

@wiresock
Owner

wiresock commented Mar 9, 2024

Yes, sure. You can reach me using [email protected]

@nimaisox
Author

I sent

@wiresock
Owner

Thank you for sharing the logs. However, I had also requested the output of the ipconfig /all command when the tunnel is active. Currently, it appears that IPv6 is not utilized on the target system. Could you kindly verify if IPv6 is enabled on both your default internet interface and the WireSock network interface? Please see how it looks on my laptop in the screenshots below.

image
image

@nimaisox
Author

nimaisox commented Mar 12, 2024

Sorry
I activated and deactivated IPv6; there was no difference. The output of the log was not different from the previous one that I sent.
The problem is exactly here, in my opinion: when the target system does not have IPv6, WireSock tries to use IPv6, but Wireguard uses IPv4 when the target system does not have IPv6.
My system OS is Windows 11.

Screenshot 2024-03-12 230530
Screenshot 2024-03-12 230412
ipconfig all.txt

@nimaisox
Author

nimaisox commented Mar 12, 2024

Now the interesting thing is that I installed Windows 10 on a VM.
The ISP of the VM system is the same as my computer's.
But a local IPv6 is registered for it. I don't know how, but WireSock has no problem. It works.
The output even gives IPv6 on the "my IP" site.

Screenshot 2024-03-12 233018

@wiresock
Owner

Based on my understanding, enabling IPv6 on a Windows computer invariably results in the automatic assignment of a link-local IPv6 address to every network interface. This address, identifiable by its initial "fe80:" prefix, facilitates communication within the local network segment. Importantly, the generation of this link-local address is independent of whether there is a DHCP server or a static IP configuration in place. This is a core aspect of the IPv6 protocol, designed to guarantee constant availability of local network connectivity. Therefore, the absence of a link-local address on your system is quite perplexing.

@nimaisox
Author

nimaisox commented Mar 14, 2024

Exactly, my friend has this problem too.
Can you add this feature: if a client doesn't have IPv6, it uses IPv4 like Wireguard?

@wiresock
Owner

Upon re-examining the packet capture data you shared, I've noticed an issue with packet fragmentation. To address this, could you kindly add the MTU parameter to your client Wireguard configuration file? I recommend testing with MTU values of 1420 and 1380. After making these adjustments, please let me know the results. Your feedback will be crucial in determining the next steps to resolve this issue.
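
An added example, not part of the thread and not WireSock's own code: a Python check that parses a wg-quick style client config like the one posted in this issue, reports which address families it assigns and routes, and tests the `MTU` value against the standard WireGuard per-packet overhead (60 bytes over an IPv4 outer header, 80 over IPv6). The sample config is constructed with placeholder keys, and the path MTU values are assumptions.

```python
import ipaddress

# Per-packet WireGuard overhead: outer IP header + UDP (8) + WireGuard data header and tag (32).
OVERHEAD = {4: 20 + 8 + 32, 6: 40 + 8 + 32}

# Constructed sample modelled on the client config in the issue; keys are placeholders.
SAMPLE = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.0.7.209/16,2001:db8:85a3::7d1/48
DNS = 8.8.8.8,2001:4860:4860::8888

[Peer]
PublicKey = <server-public-key>
Endpoint = Myserver:2053
AllowedIPs = 0.0.0.0/0,::/0
"""

def parse_wg_config(text):
    """Return a list of (section, {key: value}) pairs, keys lower-cased."""
    sections = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = line.split("=", 1)  # split once: base64 keys end in '='
            sections[-1][1][key.strip().lower()] = value.strip()
    return sections

def families(csv):
    """IP versions (4/6) present in a comma-separated address or prefix list."""
    return {ipaddress.ip_interface(x.strip()).version for x in csv.split(",") if x.strip()}

def max_tunnel_mtu(path_mtu, outer_version):
    """Largest inner packet that fits in one outer packet without fragmentation."""
    return path_mtu - OVERHEAD[outer_version]

def review(text, path_mtu=1500, outer_version=6):
    """Summarise address families and whether the configured MTU fits the path."""
    sections = parse_wg_config(text)
    iface = next(v for s, v in sections if s == "interface")
    routed = set()
    for s, v in sections:
        if s == "peer":
            routed |= families(v.get("allowedips", ""))
    mtu = int(iface["mtu"]) if "mtu" in iface else None
    limit = max_tunnel_mtu(path_mtu, outer_version)
    return {"assigned": sorted(families(iface.get("address", ""))),
            "routed": sorted(routed), "mtu": mtu, "limit": limit,
            "fits": None if mtu is None else mtu <= limit}
```

On a 1500-byte path with an IPv6 outer header the limit is 1420; on an assumed 1460-byte path it drops to 1380, so an `MTU = 1420` line would no longer fit.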

@nimaisox
Author

Some sites did open; I think it's because they use IPv4.
I tested both MTUs and emailed you the logs.
In the log, I opened a few sites that opened, and a few that didn't open.
For example, https://www.google.com/ didn't open but https://whatismyipaddress.com/ opened.

@wiresock
Owner

Hmm, I have not received any logs so far.

@nimaisox
Author

nimaisox commented Mar 16, 2024

Google deleted my message due to the large volume, so I sent it again.
