Possible issue with IPv6 client connecting to an iPv4 host #1639
Comments
|
I have made a workaround which seems to work for the servers I use currently. I first detect if the client machine has IPv6 enabled on any of its ethernet/wireless adapters. var allNetworkInterfaces = NetworkInterface.GetAllNetworkInterfaces();
foreach (var networkInterface in allNetworkInterfaces)
{
// Don't look at network interfaces that are down
if (networkInterface.OperationalStatus != OperationalStatus.Up)
{
continue;
}
// Only look at ethernet and wireless interfaces.
// This likely is not checking VPNs
if (networkInterface.NetworkInterfaceType != NetworkInterfaceType.Ethernet && networkInterface.NetworkInterfaceType != NetworkInterfaceType.Wireless80211)
{
continue;
}
var interfaceSupportsIPv6 = networkInterface.Supports(NetworkInterfaceComponent.IPv6);
if (interfaceSupportsIPv6 == true)
{
IPv6Detected = true;
Logger.Info("IPv6 connection detected");
Logger.Info($"Id: {networkInterface.Id}");
Logger.Info($"Name: {networkInterface.Name}");
Logger.Info($"Description: {networkInterface.Description}");
break;
}
}Then later on when I go to connect to the remote host if // If IPv6 is detected we convert the host to an IPv4 address and then connect directly to that address.
var realHost = Host;
if (App.CurrentApp.IPv6Detected)
{
var ipv4Address = Dns.GetHostAddresses(Host).FirstOrDefault(ip => ip.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)?.ToString() ?? string.Empty;
if (string.IsNullOrWhiteSpace(ipv4Address) == false)
{
Logger.Info($"Connecting to IPv4 address ({ipv4Address}) instead of host name ({Host}).");
realHost = ipv4Address;
}
} |
|
A related change in the library is: https://github.com/sshnet/SSH.NET/pull/1412/files#diff-26dfdbfb05b31914ef01185808106e1f6940985577213f16f79d2c4c05ef2496 Since then the library uses a Socket constructor which uses a dual-mode socket if possible: https://learn.microsoft.com/dotnet/api/system.net.sockets.socket.-ctor?view=net-9.0#system-net-sockets-socket-ctor(system-net-sockets-sockettype-system-net-sockets-protocoltype) The library does not currently expose a way to customise the transport, such as setting I think you could probably simplify the workaround using |
|
Thanks for the extra info. I figured it was socket somewhere deep inside, though I was looking to override the socket handles internal DNS lookup. Didn't know we could do it by setting I was using I have not checked my workaround on Windows yet, just macOS. But I assume it is fine. |
TL;DR; Connections only work if I disable IPv6 on local machine. Client may accept IPv6 connections, but I can only whitelist IPv4 addresses. Can I force SSH.NET to use IPv4 only?
Hey,
I started working on an old project again where an app would connect to a remote server to transfer some files. I could not connect to my remote test servers, connection would time out. I reduced the example right down to the following,
If I took the credentials I can manually SSH to the server without issues.
I have the issue across both my macOS and Windows machines here. Wondering if remote servers had changed I asked friend to try and they have no issues at all.
Remote host makes me input an IP address to whitelist my client machine. It only accepts IPv4 addresses, I tried an IPv6 address but it rejected it. If I disable IPv6 (tested on Windows by disabling in control panel) my connections work right away. So I think what is happening here is the host accepts an IPv6 connection but with no way to whitelist it I can't connect. I assume because the host accepts the IPv6 connection it won't attempt to fallback to IPv4. But if this is the case I don't understand why Terminal connects fine. I tried verbose output with ssh but I couldn't see any IPv4/6 things happening.
If I can confirm host accepts IPv6 connections I'll request they allow adding IPv6 whitelists which should solve the problem (at least on this host)
Is it possible to force
SshClientandSftpClientuse IPv4 if even if IPv6 is available?The text was updated successfully, but these errors were encountered: