Page MenuHomePhabricator

IPv6 support in OpenVPN tunnel
Open, WishlistPublicFEATURE REQUEST

Description

Hi there,

IPv6 in OpenVPN tunnel is not support in this time, but I think it is very necessary to make it happen.
Besides, I don't think it is hard to implement.

I hope that it can be happen in the next version.

Thank you very much.


Ref: http://forum.vyos.net/showthread.php?tid=26788&pid=30430

Details

Difficulty level
Easy (less than an hour)
Version
1.2.0

Event Timeline

@afics this ticket at least have description
i will merge all to one soon

syncer claimed this task.Dec 14 2016, 1:16 PM
syncer removed syncer as the assignee of this task.
syncer edited projects, added VyOS 1.2 Crux; removed VyOS 2.0.x, VyOS 1.1.x (1.1.8).
syncer edited subscribers, added: VyOS 1.2 Crux; removed: VyOS 2.0.x, VyOS 1.1.x.

I checked on 2017-09-04 and I am not able to put in IPv6 address into the OpenVPN interfaces.

If this could be done, this would be EXTREMELY helpful.

At the moment I'm having to make use of being able to tunnel IPv6 through IPv4 (OpenVPN) interface even though I have IPv6 available from ISP and current OpenVPN (2.3.4 and later) support tunneling IPv4 and IPv6 through OpenVPN.

If we could get the IPv6 address configuration for the OpenVPN interfaces added to the CLI then that should allow both IPv4 and IPv6 to be tunneled through the OpenVPN connection.

All other implementations I know about, CentOS, Debian, PfSense, etc., already support both IPv4 and IPv6 being tunneled through the OpenVPN interface. VyOS is the only hold-out that I know of at the moment.

Latest version of OpenVPN is 2.4.4 and has multiple new features.

Could the 1.2.X BETA version of VyOS be updated to this latest version?

pasik added a subscriber: pasik.Oct 1 2018, 9:54 AM
syncer assigned this task to hagbard.Oct 13 2018, 10:32 AM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc4); removed VyOS 1.2 Crux.

That needs to be handled with care, since the old perl script have some easter eggs in it.

syncer changed the subtype of this task from "Task" to "Feature Request".Oct 19 2018, 9:27 AM
dmbaturin set Version to 1.2.0.
dmbaturin removed a subscriber: VyOS 1.2 Crux.

A user on the forum informed me that a temporary work around that gets one step closer with the current code base is:

openvpn-option "tun-ipv6"
openvpn-option "ifconfig-ipv6 PREFIX::1 PREFIX::2"

This allows the OpenVPN tunnel to transport IPV6 packets without having to have an external "interface tunnel" IPv4 <-> IPv6 translation.

I’ll continue looking forward to the day that VyOS can handle IPv6 on its “OUTER” addresses for OpenVPN as well as I inch forward towards IPv6-ONLY.

We should have an eye on https://community.openvpn.net/openvpn/ticket/208 cause this will change the config logic again completly.