8000 Support IP version by KeCheng2022 · Pull Request #460 · tinyproxy/tinyproxy · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Support IP version #460

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Support IP version #460

wants to merge 1 commit into from

Conversation

KeCheng2022
Copy link
  • ipv4 : ignore IPv6 addresses in DNS response
  • ipv6 : ignore IPv4 addresses in DNS response
  • any : accept both IPv4 and IPv6 addresses in DNS response

@rofl0r
Copy link
Contributor
rofl0r commented Sep 27, 2022

good work, but before we discuss merging this let's first talk about your usecase, and whether that usecase could be handled automatically in a sane way. whenever possible we should try to prefer sane defaults over additional config items.

@KeCheng2022
IP version supported by Tinyproxy
d3c0bf7 
 - ipv4 : ignore IPv6 addresses in DNS response
 - ipv6 : ignore IPv4 addresses in DNS response
 - any  : accept both IPv4 and IPv6 addresses in DNS response
@KeCheng2022
Copy link
Author

For our devices, the IPv6 traffic path is not supported yet.
So, when the IPv6 addresses in the DNS response were returned to TinyProxy and when the IPv6 addresses were in the beginning of the DNS response,
TinyProxy would have to try these IPv6 addresses one after another consequently cause unnecessary TimeOut.

From the users' perspective, there would be obvious network performance issues.
We think that, this scenario might not be specific to us, to some extend, it's a general problem.
So, we'd like to add the general option to exclude either IPv6 or IPv4.

@rofl0r
Copy link
Contributor
rofl0r commented Sep 28, 2022

For our devices, the IPv6 traffic path is not supported yet.

this appears to be more of a configuration issue than anything else. the canonical solution to that would appear to be

echo "1" > /proc/sys/net/ipv6/conf/all/disable_ipv6
# disable automatic processing of router advertisement.
# this can silently and unexpectedly add ipv6 routes behind one's back.
echo "0" > /proc/sys/net/ipv6/conf/all/accept_ra

if the system is configured like this, the DNS resolver will not return ipv6 results.

as far as automatically selecting the best DNS reponse is concerned, we could just always request DNS results with AF_UNSPEC and then iterate over the results once trying to find an address that matches the address family that was specified for the listen address (or eventually bind addresses), and if none matching were encountered, just use the first response record. how and whether to prefer listen or bind addresses for this strategy would need some discussion.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@KeCheng2022 @rofl0r
0