We are developing a VPN app and have come across some very strange behavior when dealing with hybrid networks.
In our VPN configuration, when we see that a network supports both protocols, we form both IPv4 and IPv6 network settings for our tunnel.
We're setting "defaultRoute" of both IPv4 and IPv6 tunnels, and we're using the system's DNS servers.
We discovered that in this case, when the browser gets a DNS response for both IPv4 and IPv6 addresses, it sometimes follows up by starting a TCP connection to both addresses.
For example, we're testing with ip6.me. It shows your IPv6 network if you have it, and your IPv4 address if you don't.
However, once we start the VPN, it shows the IPv4. Going to ip6only.me does show the IPv6 address when the VPN is on.
We've run TCP dumps on the iPhone and we see that when the VPN is OFF the browser sends three DNS requests for ip6.me (<A>, <AAAA> and <HTTPS>) and receives responses for all three, then it starts a single TCP (HTTP) connection to the IPv6 address.
However, when the VPN is ON, the browser sends the same DNS queries and receives the same responses, but goes on to make two TCP connections: first to the IPv6 address (and gets the expected response with the IPv6 address in the HTTP response), and about 0.5 seconds later it makes another TCP connection, this time to the IPv4 address. For some reason it's always the latter response that is rendered in the browser.
We've tried this repeatedly, on a number of devices, using different hybrid networks (Wi-Fi / cellular), always with the same result. We've also tried other VPN apps that support hybrid networks and see the same behavior.
I don't know if it's a bug in the system or in the website; we're worried that it might increase network consumption and affect battery.
Can anyone share insights on this?
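
One way to check a capture for the pattern described above, as an added example that is not part of the original post: it scans `tcpdump -nn -tt` text output for client SYNs and reports hosts that were contacted over both address families within a short window. The sample lines, the addresses (documentation ranges), the `RESOLVED` mapping and the function names are constructed assumptions.

```python
import re
from ipaddress import ip_address

# Client SYN lines as printed by `tcpdump -nn -tt` (SYN-ACKs show "[S.]" and are skipped).
SYN_RE = re.compile(r"^(\d+\.\d+) IP6? \S+\.\d+ > (\S+)\.(\d+): Flags \[S\],")

# Constructed sample, not a real capture; all addresses are documentation ranges.
SAMPLE = """\
1700000000.100000 IP6 2001:db8:1::10.51000 > 2001:db8:2::1.80: Flags [S], seq 1, win 65535, length 0
1700000000.130000 IP6 2001:db8:2::1.80 > 2001:db8:1::10.51000: Flags [S.], seq 9, ack 2, win 65535, length 0
1700000000.600000 IP 10.8.0.2.51001 > 192.0.2.1.80: Flags [S], seq 5, win 65535, length 0
1700000003.000000 IP 10.8.0.2.51002 > 198.51.100.7.443: Flags [S], seq 7, win 65535, length 0
"""

# Assumed DNS answers for the test host (placeholders, not the site's real addresses).
RESOLVED = {"ip6.me": ["2001:db8:2::1", "192.0.2.1"]}


def syn_attempts(text):
    """Yield (timestamp, destination address, destination port) per client SYN."""
    for line in text.splitlines():
        m = SYN_RE.match(line)
        if m:
            yield float(m.group(1)), ip_address(m.group(2)), int(m.group(3))


def dual_family_attempts(text, resolved, window=2.0):
    """Report hosts that got SYNs over both IPv4 and IPv6 within `window` seconds."""
    host_of = {ip_address(a): h for h, addrs in resolved.items() for a in addrs}
    per_target = {}
    for ts, dst, port in syn_attempts(text):
        if dst in host_of:
            per_target.setdefault((host_of[dst], port), []).append((ts, dst.version))
    findings = []
    for (host, port), syns in per_target.items():
        syns.sort()
        # Compare consecutive attempts to the same host and port.
        for (t1, v1), (t2, v2) in zip(syns, syns[1:]):
            if v1 != v2 and t2 - t1 <= window:
                findings.append((host, port, v1, v2, round(t2 - t1, 3)))
    return findings


if __name__ == "__main__":
    for host, port, first, second, gap in dual_family_attempts(SAMPLE, RESOLVED):
        print(f"{host}:{port} IPv{first} then IPv{second}, {gap}s apart")
```

Running it once on a capture taken with the VPN off and once with it on gives a per-host count of doubled connection attempts, which puts a number on the extra traffic the post is concerned about.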