• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Microsoft Windows XP/7 Address Selection Algorithm and 6to4 Addresses

Started by joelalfredo, August 21, 2010, 03:05:21 PM

Previous topic - Next topic

joelalfredo

Hi,

I have a linux machine, acting as a gateway for my internal network with a 6to4 tunnel to access the IPv6 Internet. I'm assigning ipv6 addresses to my network using the radvd daemon and everything is working just fine at layer 3.
I have a problem when I try to access IPv6 Sites from my Windows (XP/7) workstations, using Mozilla or Internet Explorer. They always seem to prefer the IPv4 addresses to connect to those sites. I have checked the IPv6 Prefix Policies being the defaults,

C:\Users\joel.alfredo>netsh interface ipv6 show prefixpolicies
Querying active state...

Precedence  Label  Prefix
----------  -----  --------------------------------
        50      0  ::1/128
        40      1  ::/0
        30      2  2002::/16
        20      3  ::/96
        10      4  ::ffff:0:0/96
         5      5  2001::/32

I have also check the DNS resolution process with Wireshark and there I can see how they ask for both, IPv4 and IPv6 addresses, but immediately after the DNS resolution they try to establish connection to the IPv4. 
172.16.8.9   200.55.128.3   DNS   Standard query A ipv6.he.net
200.55.128.3   172.16.8.9   DNS   Standard query response A 66.220.2.75
172.16.8.9   200.55.128.3   DNS   Standard query AAAA ipv6.he.net
200.55.128.3   172.16.8.9   DNS   Standard query response AAAA 2001:470:0:64::2
172.16.8.9   66.220.2.75   TCP   49626 > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=2
66.220.2.75   172.16.8.9   TCP   http > 49626 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 WS=6
My DNS resolver is always asking first for the A record, and then for the AAAA. Even if it receives both answers, the OS (or the explorer, I don't really know who is deciding this) tries to connect to the IPv4 address.
I was accessing my DNS by IPv4, but changing to IPv6 didn't make any difference as you can see in the next output from the Wireshark:

16 2002:be06:4612:1:5040:bb85:f0ff:57f5 2002:be06:4612:1::1 DNS Standard query A ipv6.he.net
17 2002:be06:4612:1::1 2002:be06:4612:1:5040:bb85:f0ff:57f5 DNS Standard query response A 66.220.2.75
18 2002:be06:4612:1:5040:bb85:f0ff:57f5 2002:be06:4612:1::1 DNS Standard query AAAA ipv6.he.net
19 2002:be06:4612:1::1 2002:be06:4612:1:5040:bb85:f0ff:57f5 DNS Standard query response AAAA 2001:470:0:64::2
20 172.16.8.9 66.220.2.75 TCP 49401 > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=2

However, when I try to get access to my local Web Site (which uses a 6to4 address), it also ask first for the A record and then for the AAAA, but it tries to connect to the web site using IPv6. Look in the next Wireshark output:

15 2002:be06:4612:1:5040:bb85:f0ff:57f5 2002:be06:4612:1::1 DNS Standard query A www.net6sol.com
16 2002:be06:4612:1::1 2002:be06:4612:1:5040:bb85:f0ff:57f5 DNS Standard query response A 190.6.70.18
17 2002:be06:4612:1:5040:bb85:f0ff:57f5 2002:be06:4612:1::1 DNS Standard query AAAA www.net6sol.com
18 2002:be06:4612:1::1 2002:be06:4612:1:5040:bb85:f0ff:57f5 DNS Standard query response AAAA 2002:be06:4612:1::1
19 2002:be06:4612:1:5040:bb85:f0ff:57f5 2002:be06:4612:1::1 TCP 49460 > http [SYN] Seq=0 Win=8192 Len=0 MSS=1440 WS=2
Based on some suggestions I have tried this:
1.   First, I have disabled Teredo and ISATAP, and it didn't change.
2.   I have used static instead of auto configuration to the IPv6 interface configuration (thinking about the default metric it uses when the default gateway is auto configured, but of course, the problem seems to be related with the destination address selection algorithm and not the routing process). It didn't work either.
3.   And finally, I took off the IPv4 default gateway. Of course, in this way it doesn't have any way out but IPv6, and it works when the site is IPv6, or dual stack, but it doesn't work with IPv4 only sites. Here is the Wireshark output accessing www.kame.net, and the kame is dancing :) :

122 2002:be06:4612:1:811:bbd2:f3b1:4829 2002:be06:4612:1::1 DNS Standard query A www.kame.net
123 2002:be06:4612:1::1 2002:be06:4612:1:811:bbd2:f3b1:4829 DNS Standard query response CNAME orange.kame.net A 203.178.141.194
124 2002:be06:4612:1:811:bbd2:f3b1:4829 2002:be06:4612:1::1 DNS Standard query AAAA www.kame.net
125 2002:be06:4612:1::1 2002:be06:4612:1:811:bbd2:f3b1:4829 DNS Standard query response CNAME orange.kame.net AAAA 2001:200:dff:fff1:216:3eff:feb1:44d7
126 2002:be06:4612:1:811:bbd2:f3b1:4829 2001:200:dff:fff1:216:3eff:feb1:44d7 TCP 49238 > http [SYN] Seq=0 Win=8192 Len=0 MSS=1440 WS=2

I wonder if this is misbehavior of Windows relating to 6to4 Addresses, or I'm missing something. Whenever I try the same process with a Linux Machine it works just fine. I also can browse those sites using IPv6 Addresses in the URLs instead of their names.

Thanks a lot,
Joel Alfredo

cholzhauer

Quote
I wonder if this is misbehavior of Windows relating to 6to4 Addresses

That would be my guess.  Teredo addresses have this behavior...(IPv4 is preferred)

cholzhauer


joelalfredo

Thank you very much,

I have been looking for this answer from a long time without success and you answer me in less than 5 minutes, I'm really happy right now.

The explanation about Windows XP is in the same document (http://oldwiki.openwrt.org/IPv6_howto.html#head-e3a3af5ba5b2a7f8f19e50a41276f883d9374bc4), and as you said, is the same behavior of Vista/7.

Best Regards,

Joel