[REQ] Allow to prioritize ipv6

[Hellek1]

In the instructions and FAQs, I see a lot about having too few nodes with port 8444 reachable. I am myself affected by that problem due to my ISP and I'm not willing to go for a VPN to work around that.

I do have excellent reachability of that port on ipv6 though (validated through http://www.ipv6scanner.com/cgi-bin/main.py ). Yet, only very rarely do I actually see an ipv6 connection in chia.

Would it be possible to either: a.) Run ipv6-only introducers that chia users can connect to b.) Allow to configure chia to prioritize ipv6 connections over ipv4. If such a configuration is already possible, it would be great if precise instructions could be given.

This is all written under the assumption that my setup is fine. If others are much more successful on using ipv6, please kindly let me know.

[Hellek1]

Out of 59 nodes currently connected to my master node only 1 is connected via ipv6. So it is theoretically possible to connect to other nodes by ipv6 even without adding ipv6 nodes by hand.

Absolutely, I also do get the occasional ipv6 connection. Probably also in ca. 2% of the cases. I just meant it happens much less than I think it should. I'm wondering why ipv6 is used so little and if that could be changed. Given the notes about how important it is that port 8444 is reachable in instructions and FAQs, I think this may be beneficial to the quality of the network and hence it would be great if someone with a better understanding of the code of chia could look into it. Right now I have 5 connections, all of them ipv4. This, albeit I'd be perfectly reachable on ipv6. I'm behind a DS-lite connection.

Edit: I just checked with another chia user. They were able to reach me via ipv6 without any problems. So I assume there would indeed be a great benefit it the chia client would more actively try ipv6 peers.

[fullet-tortuga]

Answering your question, IPv6 is quite disliked because it has serious privacy and security vulnerabilities. So many people just refuse to use it. Same thing with opening ports, it's a big nono and few people will put up with that. So here you have why the blockchain gets ages to update in your computer.

[maxpla3]

I'm also behind ds-lite and I have sync issues all the time. I have mostly one or two connections to ipv4 addresses. What can I do? I have a VPN account from NorthVPN. Can I use this to resolve my problem?

[carlreinke]

IPv4 and IPv6 should be managed as separate connection pools with separate limits. As it is right now, IPv6 is basically unusable (I have never seen an IPv6 connection that I didn't add manually), which only exacerbates the connectivity issues caused by all the nodes that are behind a NAT.

[maxpla3]

I managed to set port forwarding for my ipv6 address. A port scanner tells me that port 8444 for this address is open. After that the peer count in my chia client increased from 1-2 to 5-6. But I'm not sure whether the port forwarding caused the increase of peers or because I've added node-eu.chia.net manually. I talked to my internet provider and they can switch me over to dual stack so that I will have ipv4 and ipv6 addresses. This will cost additional $15 per month (there will also be a faster line which I actually don't need). What do you guys think? Is it worth it? Or will ipv6+port forwarding be enough for chia to run stable and synced 24/7?

[A1bi]

IPv6 is quite disliked because it has serious privacy and security vulnerabilities.

It's quite fascinating that people still repeat these long refuted untruths instead of educating themselves on IPv6. Both of your claims are ruled out by a simple firewall on the router and RFC 4941 privacy extensions on clients (enabled by default on all modern operating systems). That's the basics of every IPv6 setup. And if it was so disliked and insecure why are we approaching or exceeding 50 % of IPv6 traffic in many countries today? (Source)

Back to topic. Yes, something is not quite right with Chia's IPv6 implementation. After days I have yet to see any IPv6 peer connect to me (I have opened port 8444). IPv6 should always be prioritized if available.

[fullet-tortuga]

Ah ok, if it's on Google then it must be true. Yet that report means absolutely nothing without segmentating those users. Once you know what kind of users use IPv4 and which one IPv6 then you'll get your question answered :-)

On topic again, let the users choose instead of imposing to them.

[PascalPflaum]

Most consumer ISPs (at least in europe) don't provide directly accessable IPv4 adresses and the possibility to open ports anymore on IPv4 due the shortage of those adresses. I have a perfectly working open port on IPv6, but it seems like the chia network is (in code) prefering IPv4 adresses.

Yes, let the users, who don't habe the possibility to open ports on ipv4, choose to use ipv6 and give us a possibility to tell the network, that we are only reachable on ipv6, but not on ipv4.

[jcb55]

is it worth people publishing a list of ipv6 chia nodes so that they can manually add them ?

[A1bi]

All of the official public nodes I tested seem to be IPv6 capable. For example:

$ telnet -6 node-eu.chia.net 8444
Trying 2a05:d01c:e44:d701:3ca5:24ea:ca69:38ae...
Connected to node-eu.chia.net.

Though I was never able to force my node to connect to any other node through "Connect to other peers", neither with IPv6 nor IPv4. The dialog just disappears and no new connection is listed.

[fullet-tortuga]

I just verified and I'm happy to announce that all introducers and nodes are also available over IPv4.

[lynix]

So do introducers actually give out IPv6 addresses?

I'm on full dual-stack (with 8444/TCP open via v4 and v6) yet I haven't seen a single IPv6 connection. I tried blocking v4 for my node to force it to go IPv6 but it didn't manage to get a single connection within an entire hour.

[cat24max]

Answering your question, IPv6 is quite disliked because it has serious privacy and security vulnerabilities. So many people just refuse to use it. Same thing with opening ports, it's a big nono and few people will put up with that. So here you have why the blockchain gets ages to update in your computer.

You seem to have absolutely no idea, so please stop spreading these lies. You either know they are not true and are trolling, or you are really that stupid.

IPv6 has no serious security and no privacy vulnerabilities.

[github-actions[bot]]

This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.

[Hellek1]

This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.

Has anybody seen any improvement in the ipv6-behavior of chia?

[lynix]

Nope, still can't get (or even force) a single IPv6 connection despite being on full dual stack.

The fact that this issue has had no interaction with any of the devs since its creation 3 months ago makes me think they just don't care. I must admit I didn't have the time to look at the code and come up with a pull request either, so I can't complain.

[emlowe]

Admittedly, IPV6 enhancements are fairly low on the list.

[github-actions[bot]]

This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.

[github-actions[bot]]

This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.

[github-actions[bot]]

This issue was automatically closed because it has been flagged as stale and subsequently passed 7 days with no further activity.