vopono icon indicating copy to clipboard operation
vopono copied to clipboard
verified publisher icon jamesmcm

Support for dual stack on endpoint configuration

Open NextWork123 opened this issue 4 months ago • 6 comments

Hello, i want to ask if is possible with wireguard and protonvpn to put in the config a endpoint like that: node-ch-31.protonvpn.net:51820 so we can benefit of ipv4 and ipv6 on the endpoint i tried but vopono seem to refuse to resolve that do you have some suggestion how can i fix? or it needs to be added the support for that?

[Interface]
PrivateKey = *redacted*
Address = 10.2.0.2/32, 2a07:b944::2:2/128
DNS = 10.2.0.1, 2a07:b944::2:1

[Peer]
PublicKey = XEhzlc2pX8uDChBR65mlzijG6KaoatbiEND8mRdjVD8=
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = node-ch-31.protonvpn.net:51820

NextWork123 avatar Aug 08 '25 14:08 NextWork123

Thanks, I'll see if I can test this - atm we always do IPv4 over IPv6 or just IPv4, it'd be nice to have the separate tunnels where supported.

jamesmcm avatar Aug 11 '25 09:08 jamesmcm

Thanks, I'll see if I can test this - atm we always do IPv4 over IPv6 or just IPv4, it'd be nice to have the separate tunnels where supported.

what is the benefit to do separate tunnels?

NextWork123 avatar Aug 12 '25 08:08 NextWork123

I meant connecting to the endpoint separately for IPv4 and IPv6 like in your example - so we don't need to do 4over6 etc.

I don't have IPv6 on my normal home connection though so this is hard for me to test :(

jamesmcm avatar Aug 12 '25 16:08 jamesmcm

I meant connecting to the endpoint separately for IPv4 and IPv6 like in your example - so we don't need to do 4over6 etc.

I don't have IPv6 on my normal home connection though so this is hard for me to test :(

how can i help you for resolve that? (i have the package on latest git so if you need something tell)

NextWork123 avatar Aug 12 '25 17:08 NextWork123

The issue above is that it needs to resolve the IP addresses (both IPv4 and IPv6) for the endpoint before setting the DNS server to the internal ProtonVPN one.

It seems it is setting it first, and then cannot connect to it to resolve the hostname.

But we'll almost certainly also need some firewall changes to handle the case of IPv4 and IPv6 running at the same time but to separate remote IPs

jamesmcm avatar Aug 12 '25 17:08 jamesmcm

The issue above is that it needs to resolve the IP addresses (both IPv4 and IPv6) for the endpoint before setting the DNS server to the internal ProtonVPN one.

It seems it is setting it first, and then cannot connect to it to resolve the hostname.

But we'll almost certainly also need some firewall changes to handle the case of IPv4 and IPv6 running at the same time but to separate remote IPs

yeah, much probably if is possible it can be cool anyway

NextWork123 avatar Aug 12 '25 18:08 NextWork123