Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose a global switch to disable IPV6 to overcome DualMode socket issues in environments that do not support IPV6 #47583

Closed
antonfirsov opened this issue Jan 28, 2021 · 5 comments · Fixed by #55012
Closed

Expose a global switch to disable IPV6 to overcome DualMode socket issues in environments that do not support IPV6 #47583

antonfirsov opened this issue Jan 28, 2021 · 5 comments · Fixed by #55012
Assignees
@antonfirsov
Labels
area-System.Net enhancement Product code improvement that does NOT require public API changes/additions
Milestone
6.0.0

Comments

@antonfirsov
Copy link
Member

antonfirsov commented Jan 28, 2021
edited
Loading

BCL as well as external libraries tend to shift towards dual-stack sockets in their networking code. This conforms to best practices defined in RFC1933, but can lead to issues when connections are established through VPN tunnels which do not support IPv6 and/or dual-stack properly.

A custom ConnectCallback can help in HttpClient use cases where users have direct control over their HttpClient instances (#47267), but in cases where the Socket connections are carried out by an external component, users may get blocked (#45462).

This cases are rare, but the fix is simple, and easy to communicate (see #45893), therefore we should consider implementing it in .NET 6.
@dotnet-issue-labeler dotnet-issue-labeler bot added area-System.Net untriaged New issue has not been triaged by the area owner labels Jan 28, 2021
@ghost
Copy link

ghost commented Jan 28, 2021

Tagging subscribers to this area: @dotnet/ncl
See info in area-owners.md if you want to be subscribed.

Issue Details

BCL and external libraries tend to shift towards dual-stack sockets in their networking code. This conforms to best practices defined in RFC1933, but can lead to issues when connections are established through VPN tunnels which do not support IPv6 and/or dual-stack properly.

A custom ConnectCallback can help in HttpClient use cases where users have direct control over their HttpClient instances (#47267), but in cases where the Socket connections are carried out by an external component, users may get blocked (#45462).

This cases are rare, but the fix is simple, and easy to communicate (see #45893), therefore we should consider implementing it in .NET 6.

Author: antonfirsov
Assignees: -
Labels:

area-System.Net, untriaged
Milestone: -

@antonfirsov antonfirsov mentioned this issue Jan 28, 2021
Open
@karelz
Copy link
Member

karelz commented Feb 2, 2021

Would it make sense to generalize it to global switch to disable either IPv4 or IPv6?

@karelz karelz added this to the 6.0.0 milestone Feb 2, 2021
@karelz karelz added the enhancement Product code improvement that does NOT require public API changes/additions label Feb 2, 2021
@geoffkizer
Copy link
Contributor

Would it make sense to generalize it to global switch to disable either IPv4 or IPv6?

I doubt it. I haven't heard any issues re IPv4.

Even if we wanted to do this, I think it would be a separate switch.

@antonfirsov antonfirsov mentioned this issue Feb 9, 2021
Open
@karelz karelz removed the untriaged New issue has not been triaged by the area owner label Feb 16, 2021
@karelz
Copy link
Member

karelz commented Feb 16, 2021

Triage: We cannot do today IPv6 only, so let's add DisableIPv6 switch.

@karelz
Copy link
Member

karelz commented May 5, 2021

Another case in #52287

@karelz karelz mentioned this issue Jun 30, 2021
Closed
@antonfirsov antonfirsov mentioned this issue Jul 1, 2021
Merged
@ghost ghost added the in-pr There is an active PR which will close this issue when it is merged label Jul 1, 2021
@ManickaP ManickaP mentioned this issue Jul 9, 2021
Merged
alnikola pushed a commit that referenced this issue Jul 12, 2021
@antonfirsov
Expose a global switch to disable IPV6 (#55012)
067aa16 
Fixes #47583. Resolves #52287, #54807 and similar issues, without changing customer application code.

Introduces an AppContext switch `System.Net.DisableIPv6` and environment variable `DOTNET_SYSTEM_NET_DISABLEIPV6` to emulate the lack of OS-level IPv6 support. This is useful to workaround dual-stack socket issues when the OS reports support of IPv6, but some other underlying infrastructure element (typically VPN) doesn't function well with IPv6 request.

For consistency, this switch also impacts NameResolution and Ping, not only Sockets.
@ghost ghost removed the in-pr There is an active PR which will close this issue when it is merged label Jul 12, 2021
@ghost ghost locked as resolved and limited conversation to collaborators Aug 11, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@antonfirsov antonfirsov

Labels
area-System.Net enhancement Product code improvement that does NOT require public API changes/additions
Projects
None yet
Milestone
6.0.0
Development

Successfully merging a pull request may close this issue.

Expose a global switch to disable IPV6 antonfirsov/runtime
3 participants
@karelz @antonfirsov @geoffkizer