Mac OS + IPv6 via WireGuard: "Network is down"
Joachim Tingvold
joachim at tingvold.com
Sat Aug 3 16:54:26 CEST 2019
Hi,
I've been trying out WireGuard for some time now, and I've encountered
somewhat of an issue.
Whenever I try to reach resources via IPv6 using their FQDN, when the
Mac only has IPv4 available via it's default interface (but IPv6 via
WireGuard), things behave strangely; I can communicate with IPv6-hosts
using their IPv6 address, but not their FQDN.
Anyone knows what could cause this, and how to solve it?
jocke at keklolwtf: ~ $ ssh foo.jocke.no
ssh: Could not resolve hostname foo.jocke.no: nodename nor servname
provided, or not known
jocke at keklolwtf: ~ $ ssh -6 foo.jocke.no
ssh: connect to host foo.jocke.no: Network is down
jocke at keklolwtf: ~ $ dig foo.jocke.no aaaa +short
2001:67c:197c:bar::1
jocke at keklolwtf: ~ $ host foo.jocke.no
foo.jocke.no has IPv6 address 2001:67c:197c:bar::1
jocke at keklolwtf: ~ $ ping6 foo.jocke.no -c1
PING6(56=40+8+8 bytes) 2001:67c:197c:foo::1 --> 2001:67c:197c:bar::1
16 bytes from 2001:67c:197c:bar::1, icmp_seq=0 hlim=61 time=38.701 ms
--- foo.jocke.no ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 38.701/38.701/38.701/0.000 ms
jocke at keklolwtf: ~ $ ssh 2001:67c:197c:bar::1 "date"
Sat Aug 3 16:45:50 CEST 2019
jocke at keklolwtf: ~ $ netstat -rn
[…]
Internet6:
Destination Gateway
Flags Netif Expire
default 2001:67c:197c:foo::
UGcI utun1
2001:67c:197c::/48 link#29
UCS utun1
jocke at keklolwtf: ~ $ ifconfig utun1
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1420
inet6 fe80::<snip>%utun1 prefixlen 64 scopeid 0x1d
inet6 2001:67c:197c:foo::1 prefixlen 120
nd6 options=201<PERFORMNUD,DAD>
###
[Interface]
PrivateKey = <snip>
Address = 2001:67c:197c:foo::1/128
[Peer]
PublicKey = <snip>
AllowedIPs = 2001:67c:197c::/48
Endpoint = <snip>
###
--
Joachim
More information about the WireGuard
mailing list