
[Bug] IPv6 cannot be used when TUN mode acts as the gateway (Fail to route IPv6 as gateway)

Open Journalist-HK opened this issue 1 year ago • 2 comments

Verify steps

  • [X] Ensure you are using the latest version of Mihomo or Mihomo Alpha from this repository.
  • [ ] Is this something you can debug and fix? Send a pull request! Bug fixes and documentation fixes are welcome.
  • [X] I have searched on the issue tracker for a related issue.
  • [X] I have tested using the dev branch, and the issue still exists.
  • [X] I have read the documentation and was unable to solve the issue.
  • [X] This is an issue of the Mihomo core per se, not to the derivatives of Mihomo, like OpenMihomo or KoolMihomo.

Mihomo version

v1.18.1

What OS are you seeing the problem on?

Linux

Mihomo config

mixed-port: 7890
tproxy-port: 7894
allow-lan: true
bind-address: '*'
mode: rule
log-level: debug
ipv6: true
find-process-mode: off
external-controller: :9090
interface-name: end0
dns:
  enable: true
  listen: :53
  ipv6: true
  default-nameserver: [223.5.5.5]
  use-hosts: false
  enhanced-mode: fake-ip
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter:
    - "+.local"
    - "+.localhost"
    - '+.ip6-localhost'
    - '+.ip6-loopback'
    - '*.lan'
    - "*.localdomain"
    - '+.test-ipv6.com'
  nameserver:
    - '192.168.1.1:53'
    - '[fd67:b5b3:5309::1]:53'

tun:
  enable: true
  stack: system
  dns-hijack:
    - any:53
    - tcp://any:53
  auto-route: true
  auto-detect-interface: false

rules:
  - 'MATCH,DIRECT'

Mihomo log

time="2024-02-24T23:17:35.487477555+08:00" level=debug msg="[Rule] use default rules"
time="2024-02-24T23:17:35.487997046+08:00" level=debug msg="[DNS] cache hit for ipv6.testipv6.cn., expire at 2024-02-24 23:17:40"
time="2024-02-24T23:17:35.48805812+08:00" level=debug msg="[DNS] cache hit for ipv6.testipv6.cn., expire at 2024-02-24 23:51:56"
time="2024-02-24T23:17:35.525616103+08:00" level=info msg="[TCP] 192.168.1.3:14275 --> ipv6.testipv6.cn:80 match MATCH using DIRECT"

time="2024-02-24T23:18:43.026688623+08:00" level=debug msg="[DNS] cache hit for ipv6.vm3.test-ipv6.com., expire at 2024-02-24 23:16:56"
time="2024-02-24T23:18:43.026801343+08:00" level=debug msg="[DNS] cache hit for ipv6.vm3.test-ipv6.com., expire at 2024-02-24 23:21:51"
time="2024-02-24T23:18:43.027169078+08:00" level=debug msg="[DNS] resolve ipv6.vm3.test-ipv6.com from udp://[fd67:b5b3:5309::1]:53"
time="2024-02-24T23:18:43.027294928+08:00" level=debug msg="[DNS] resolve ipv6.vm3.test-ipv6.com from udp://192.168.1.1:53"
time="2024-02-24T23:18:43.11715573+08:00" level=debug msg="[DNS] ipv6.vm3.test-ipv6.com --> [2001:470:1:18::115] AAAA from udp://[fd67:b5b3:5309::1]:53"
time="2024-02-24T23:18:43.117255302+08:00" level=debug msg="[DNS] ipv6.vm3.test-ipv6.com --> [2001:470:1:18::115] AAAA from udp://192.168.1.1:53"

Description

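With the IPv4 and IPv6 gateway and DNS set to machine A, which runs mihomo, IPv6 addresses cannot be reached, although A itself can reach them (using auto-route).

The kernel parameters are already configured on A: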

net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1

mihomo is running on A (192.168.1.2, fd67:b5b3:5309::2, fe80::dea6:32ff:fe30:9ba5). Everything goes well. After changing the default gateway and DNS of B (192.168.1.3, fd67:b5b3:5309::3) to A, I can't get access to public IPv6 addresses.

ip route add default via 192.168.1.2 dev eth0 table 20
ip rule add lookup 20 pref 20
ip -6 route add default via fe80::dea6:32ff:fe30:9ba5 dev eth0 table 20
ip -6 rule add lookup 20 pref 20

On A and B:

nslookup ipv6.testipv6.cn (real ip: 2408:8220:310:76f0::8)
198.18.0.21
nslookup ipv6.vm3.test-ipv6.com
2001:470:1:18::115

On A:

~ $ curl http://ipv6.testipv6.cn/ip/?callback=?
callback({"ip":"240e:3a1:1::dea6:32ff:fe30:9ba5","type":"ipv6","subtype":"","via":"","padding":""})

~ $ curl http://[2408:8220:310:76f0::8]/ip/?callback=?
callback({"ip":"240e:3a1:1::dea6:32ff:fe30:9ba5","type":"ipv6","subtype":"","via":"","padding":""})

~ $ curl http://ipv6.vm3.test-ipv6.com/ip/?callback=?
callback({"ip":"240e:3a1:1::dea6:32ff:fe30:9ba5","type":"ipv6","subtype":"","via":"","padding":""})

~ $ curl http://[2001:470:1:18::115]/ip/?callback=?
callback({"ip":"240e:3a1:1::dea6:32ff:fe30:9ba5","type":"ipv6","subtype":"","via":"","padding":""})

On B:

~ $ curl http://ipv6.testipv6.cn/ip/?callback=?
callback({"ip":"240e:3a1:1::dea6:32ff:fe30:9ba5","type":"ipv6","subtype":"","via":"","padding":""})

# The same IP as A. This is expected behavior because B connects to A via fake IP.

~ $ curl http://[2408:8220:310:76f0::8]/ip/?callback=?
failed

~ $ curl http://ipv6.vm3.test-ipv6.com/ip/?callback=?
failed

~ $ curl http://[2001:470:1:18::115]/ip/?callback=?
failed

The failed commands didn't generate a connection log, only DNS lookups. The ideal result would be to return B's IP, and if not, at least return A's IP via NAT.

Journalist-HK, Feb 24 '24 15:02
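
Added example (not part of the original issue or of the mihomo project): the check the report relies on, names that appear in [DNS] log lines but never as a connection destination, automated over log lines copied from the issue. The regular expressions assume the message shapes visible in that log; the bracketed form for IPv6 literal destinations is an assumption.

```python
import re

# Log lines copied from the "Mihomo log" section of the issue.
SAMPLE_LOG = '''\
time="2024-02-24T23:17:35.487997046+08:00" level=debug msg="[DNS] cache hit for ipv6.testipv6.cn., expire at 2024-02-24 23:17:40"
time="2024-02-24T23:17:35.525616103+08:00" level=info msg="[TCP] 192.168.1.3:14275 --> ipv6.testipv6.cn:80 match MATCH using DIRECT"
time="2024-02-24T23:18:43.027169078+08:00" level=debug msg="[DNS] resolve ipv6.vm3.test-ipv6.com from udp://[fd67:b5b3:5309::1]:53"
time="2024-02-24T23:18:43.11715573+08:00" level=debug msg="[DNS] ipv6.vm3.test-ipv6.com --> [2001:470:1:18::115] AAAA from udp://[fd67:b5b3:5309::1]:53"
'''

MSG = re.compile(r'msg="(.*)"\s*$')
DNS_NAME = re.compile(r'^\[DNS\] (?:cache hit for|resolve) (\S+?)\.?[, ]')
DNS_ANSWER = re.compile(r'^\[DNS\] (\S+) --> \[([^\]]*)\] (\w+) from ')
CONN = re.compile(r'^\[(?:TCP|UDP)\] \S+ --> (\S+) match ')


def _host(dest):
    """Strip the port (and IPv6 brackets, assumed form '[addr]:port')."""
    host = dest.rpartition(":")[0] or dest
    return host.strip("[]").rstrip(".").lower()


def dns_without_connection(log_text):
    """Return {name: sorted answers} for names that were looked up but never
    appear, by name or by resolved address, as a connection destination."""
    looked_up, connected = {}, set()
    for line in log_text.splitlines():
        m = MSG.search(line)
        if not m:
            continue
        msg = m.group(1)
        if (c := CONN.match(msg)):
            connected.add(_host(c.group(1)))
        elif (a := DNS_ANSWER.match(msg)):
            name = a.group(1).rstrip(".").lower()
            looked_up.setdefault(name, set()).update(
                ip.lower() for ip in a.group(2).split())
        elif (n := DNS_NAME.match(msg)):
            looked_up.setdefault(n.group(1).lower(), set())
    return {name: sorted(ips) for name, ips in looked_up.items()
            if name not in connected and not (ips & connected)}


if __name__ == "__main__":
    for name, ips in dns_without_connection(SAMPLE_LOG).items():
        print(f"{name}: resolved to {ips or 'cached answer'}, no connection logged")
```

A name listed here was resolved through mihomo's DNS, yet no [TCP]/[UDP] line was logged for it or its address, which matches what the report describes for the requests from B.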

Same issue on Arch Linux, IPv6 doesn't work after mihomo server startup.

y1rn, Apr 16 '24 07:04