
IPv6 for P2P

IPv6 is usually associated with the shortage of IPv4 addresses, which the tabloid press likes to write about: any day now the free addresses will run out and the transition to IPv6 will be inevitable. Skeptics believe the problem is as overblown as the “Year 2000 bug” once was, when everyone feared that 1999 would be followed by 1900 and a man-made disaster would happen.

For most users, IPv6 indeed brings no benefit. What difference does it make to them that, for example, the packet headers are more convenient for routers? But for P2P the NAT problem (NAT being the reason IPv4 addresses have not yet run out) is real: for peer-to-peer communication (even just sending a file via Jabber or ICQ) at least one of the participants must be reachable from outside, i.e. have a real IP address or at least a port. Some providers offer an external address for a fee, some cannot offer one at all, and it is those suffering behind NAT who will find IPv6 most useful.

It will also be useful to those whose provider throttles P2P traffic. In Russia this is not so common (for now?), but abroad it is far from rare. IPv6 traffic (more precisely, IPv6 wrapped in regular UDP packets) is not throttled by them. It can also help where P2P traffic is blocked by a corporate firewall but IPv6 can be set up through a tunnel.

At the user level, the main difference is that an IP address consists not of 4 bytes written in decimal and separated by dots, but of 16 bytes written as hexadecimal groups of 4 digits (2 bytes) separated by colons. Leading zeros in each group can be omitted, and the longest run of 0:0:0:0: in the address can be replaced with just two colons. Accordingly, :: is a valid IPv6 address consisting entirely of zeros. In a browser, a numeric site address is placed in square brackets, for example http://[2001:4860:a003::68]/

Connection methods


If your provider offers native IPv6, congratulations, you are lucky! Everyone else has to carry IPv6 packets over the “old” networks by wrapping them in IPv4. There are many ways to connect, both automatic (such as 6to4 and Teredo) and manually created tunnels, working with or without a static external IPv4 address, even behind the trickiest NATs.

6to4


The simplest method, if you have an external IPv4 address. You bring up a 6to4 interface (stf in BSD, sit in Linux), configure an IPv6 address of the form 2002:xxyy:zztt: where xx.yy.zz.tt is your IPv4 address in hexadecimal, and send all outgoing packets to 192.88.99.1. I won't describe the specific steps for each system; Google is full of them (example).

The advantage of this connection is simplicity of setup. Anyone can send you IPv6 packets over IPv4, and you send yours to the nearest gateway. 192.88.99.1 is a so-called anycast address: any number of hosts on the network can have it, and your provider usually routes it to the nearest one. The downside is that you cannot work out why some address or subnet has become unreachable, because the real routes are unpredictable and may change over time. The second point is that one machine running FreeBSD rebooted twice in two days for unknown reasons, yet it works with a static tunnel. On the other hand, for several acquaintances on Linux this option has long been working without problems.

Teredo


An automatic-configuration option that works from behind NAT. If you have uTorrent 1.8 or higher, an “Install IPv6 / Teredo” button has appeared in the settings; pressing it is enough to configure everything. To install manually, run two commands from the command line:
  ipv6 install
  netsh int ipv6 set teredo client
On *nix systems it is enough to install miredo, for example with the command:
  sudo apt-get install miredo
In Vista, it is enabled by default.

The disadvantage of this option is that it does not work with all types of NAT. If ipv6.google.com does not open after installation, run from the command line
  netsh int ipv6 show teredo
If it says "Error: client is behind symmetric NAT", you are out of luck. In any case, it is highly advisable to install the latest service packs: XP SP2, for example, created an address with the 3ffe: prefix instead of 2001:. This is fixed in SP3; on SP2 you can install KB922819 or, in regedit, correct or add HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters\GlobalParams\TeredoPrefix with the value 0x120 (288). The second disadvantage is that, despite the apparent simplicity of setup, things are not always simple. For some people everything works only with the built-in Windows firewall turned off; for others, on the contrary, only with it turned on. Describing all possible problems, conflicts and their solutions in advance is simply impossible.

A big plus (as with 6to4) is that you connect directly to others who are also on Teredo; the external server only helps to establish the connection through NAT traversal, and it is possible to start the pinging yourself. So the speed will be no worse than with a direct connection (the overhead of wrapping IPv6 packets in UDPv4 packets is minimal).

Hexago (go6)


If automatic configuration did not help (symmetric NAT), or you want predictable packet routing, there are plenty of free tunnel brokers. Choose one very carefully, as you would a proxy server, because both ping and speed depend on it (this applies to Teredo too: you can change the default server to teredo.remlab.net, which is closer to Russia). The main tools are ping and traceroute. See whom your ISP's foreign traffic goes through, and look at the route to 192.88.99.1 (for many it will lead to Hurricane Electric, .he.net).

The easiest to install is go6.net. It is enough to download the program from their site (registering if you wish) and install it (it will complain about an "unsigned driver"; you need to confirm the installation), and that's all. It works with all types of NAT (though you may need to allow outgoing port 3653 in the firewall). There are problems here too, both with the built-in firewall and without it; for me it only worked when Teredo was enabled (but not functioning, because of symmetric NAT).

The downside is that go6 is in Canada and, as I understand it, passes all traffic through itself. Because of this, ping is 300 ms and up and the speed is low. I came across information somewhere that hexago-hexago and ayiya-ayiya can establish “direct” tunnels with each other when possible (NAT traversal), but I can neither confirm nor deny it.

Hurricane Electric


Official site: www.tunnelbroker.net. Minus: they provide only static tunnels, i.e. an external IPv4 address is required, and the site requires registration. Plus: they have many “access points” in many countries through which you can connect, so you can choose one quite close to you, and the speed will be almost as good as direct IPv4.

SixXS


Official website: www.sixxs.net. They have the most difficult registration (the data is checked manually, which takes from several hours to days), but also the widest range of connection methods and access points, so there is a high chance of finding one within 10 “hops” (by traceroute) of yourself. I settled on this option and recommend it.

After registration, you must order an AYIYA tunnel. At this point they let me choose one of the access points (check the trace and ping; the closest to me was sesto in Sweden). The order is also checked manually (hours, days) and is paid for in internal "credits", so order the correct tunnel type from the start.

Then download the software, and here there are pitfalls. The Tap32 driver and the client are downloaded and installed separately. Unzip tap901 and run addtap.bat once: each run creates a new interface, and if you accidentally create unnecessary ones, deltapall.bat deletes them all at once. There are two clients (AICCU), with and without a GUI, but the GUI one is not compatible with the latest driver version. It is best to download both, run the GUI once, enter the login and password, fetch the settings from the server, and choose Save Configuration by clicking the icon. The GUI is not needed after that. If you now run the client from the command line, everything should work. If you're lucky, of course. For IPv6 to start when the computer boots, you need the instsrv and srvany utilities, which let you register this client as a Windows service. A very detailed description of the setup is available in English.

Bittorrent


To connect to someone via IPv6, you need to know their address. Naturally, the torrent client must support IPv6. These are uTorrent since 1.8 (and the corresponding version of the official BitTorrent client), Azureus since 4.1.0.0 (older versions complained of “error 16”) and Transmission since version 1.50; I don't know about others.

Peers can find each other through DHT, of which there are two implementations. Azureus has its own, compatible with no one else, but it supports IPv6. The one in uTorrent and all the others does not yet, though it is planned for the future. PEX, however, does support IPv6. But all this works only on open trackers, without the private flag in the torrent.

Best of all is when the tracker supports IPv6. According to the documentation, a peers6 field was added for this to the response protocol (the “compact” one, to which almost everyone has switched); it carries a binary list of addresses, 18 bytes each (16 for the address, 2 for the port). In addition, the client can send the &ipv6= parameter, so in principle the tracker can pass clients' IPv6 addresses to one another even if it cannot itself accept connections over IPv6. The disadvantage of this approach is that bogus addresses can be passed through this parameter, littering the tracker.

If the tracker itself is reachable via IPv6, it sees the real addresses of those who access it. But if the tracker's domain name has both an A record and an AAAA record, clients will connect only via IPv6, and the tracker will not learn their IPv4 addresses (the &ip= and &ipv4= arguments also allow “littering”, and nobody actually sends them; uTorrent is the only one sending &ipv6=). So ideally the torrent file should list two addresses, one for each protocol.
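As an added example (not code from the article or from any tracker or client), the following C code parses a compact peers6 list as described above, 18 bytes per entry, and drops entries that no remote peer could use, such as the link-local fe80: addresses some clients send. The function names and the filtering policy are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

#define PEER6_LEN 18 /* 16-byte address + 2-byte port, both big-endian */

/* Hypothetical relay policy: nonzero if remote peers could never use this entry. */
static int peer6_is_junk(const struct in6_addr *a, unsigned port)
{
    return port == 0 || IN6_IS_ADDR_UNSPECIFIED(a) || IN6_IS_ADDR_LOOPBACK(a) ||
           IN6_IS_ADDR_LINKLOCAL(a) || IN6_IS_ADDR_MULTICAST(a);
}

/* Writes up to max "[addr]:port" strings into out; returns how many were
 * kept, or -1 when the blob length is not a multiple of 18. */
int parse_peers6(const unsigned char *blob, size_t len,
                 char out[][64], int max, int *dropped)
{
    int kept = 0;
    *dropped = 0;
    if (len % PEER6_LEN != 0)
        return -1;
    for (size_t off = 0; off < len && kept < max; off += PEER6_LEN) {
        struct in6_addr a;
        char txt[INET6_ADDRSTRLEN];
        unsigned port = ((unsigned)blob[off + 16] << 8) | blob[off + 17];
        memcpy(&a, blob + off, sizeof a);
        if (peer6_is_junk(&a, port)) {
            (*dropped)++;
            continue;
        }
        inet_ntop(AF_INET6, &a, txt, sizeof txt);
        snprintf(out[kept++], 64, "[%s]:%u", txt, port);
    }
    return kept;
}

int main(void)
{
    /* Constructed sample: 2001:db8::1 port 6881, then fe80::1 port 6881. */
    unsigned char blob[36] = { 0x20, 0x01, 0x0d, 0xb8, [15] = 1, 0x1a, 0xe1,
                               [18] = 0xfe, 0x80, [33] = 1, 0x1a, 0xe1 };
    char out[4][64];
    int dropped, n = parse_peers6(blob, sizeof blob, out, 4, &dropped);
    for (int i = 0; i < n; i++)
        printf("kept %s\n", out[i]);
    printf("dropped %d\n", dropped);
    return 0;
}
```

The same filter applies to an address received in &ipv6= before a tracker stores it.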

Trackers


Trackers with IPv6 support are few. There is www.sixxs.net/tools/tracker/catalog, but there is practically nothing there; it is more for tests and demonstrations. The Pirate Bay announced IPv6 support in January (only the tracker; their site itself is not available over IPv6). In February, IPv6 support appeared on the Runet at ipv6.nnm-club.ru (registration there is sometimes open and sometimes closed, by invite only, but it is always open when you log in via IPv6).

But for all this to make sense, there must be a sufficient number of clients. The TPB main page previously showed statistics on the number of peers, according to which only 0.12% were IPv6 (at the moment it shows zeros for some reason). This roughly matches my personal experience: out of a hundred peers, at best 1-2 are on IPv6. According to nnm-club statistics, 14% of clients send &ipv6= or connect to the tracker via IPv6. In fact, some of them send “local” fe80: addresses, i.e. their IPv6 is not configured, but for about 12% the address is real.

Programming


And a few words about programming, or more precisely about porting existing applications to IPv6. I highly recommend the book "IPv6 Network Programming" by Jun-ichiro itojun Hagino, which is about exactly that. The best part is that almost all the functions (socket, connect, listen, send, recv) support IPv6, and you don't have to touch them at all.

The first main point is that you must stop using the sockaddr_in structure (and, even more so, storing an IP address in an int and using functions like inet_addr). Instead there is the universal sockaddr_storage structure; if needed, you can check its ss_family field and cast it to sockaddr_in when it equals AF_INET or to sockaddr_in6 when it equals AF_INET6.

The second point is working with DNS and the string representation of addresses. This should be moved to the universal functions getaddrinfo and getnameinfo. Keep in mind that getaddrinfo can return several addresses: a server needs to listen (bind, listen) on all of them, while a client tries to connect to each in turn until one succeeds.
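The two points above, as an added example in C (not code from the article or from the book it recommends): addresses are held in sockaddr_storage, converted with getaddrinfo and getnameinfo, and the client tries each returned address in turn. The function names text_to_addr, addr_to_text and connect_any are hypothetical.

```c
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Text -> sockaddr_storage for either family; numeric only, no DNS lookup. */
int text_to_addr(const char *ip, const char *port,
                 struct sockaddr_storage *ss, socklen_t *len)
{
    struct addrinfo *res, hints = { .ai_family = AF_UNSPEC, .ai_socktype = SOCK_STREAM,
                                    .ai_flags = AI_NUMERICHOST | AI_NUMERICSERV };
    if (getaddrinfo(ip, port, &hints, &res) != 0)
        return -1;
    memcpy(ss, res->ai_addr, res->ai_addrlen);
    *len = res->ai_addrlen;
    freeaddrinfo(res);
    return 0;
}

/* sockaddr_storage -> text; the only family-specific step is the brackets. */
int addr_to_text(const struct sockaddr_storage *ss, socklen_t len,
                 char *buf, size_t n)
{
    char host[64], serv[16];
    if (getnameinfo((const struct sockaddr *)ss, len, host, sizeof host,
                    serv, sizeof serv, NI_NUMERICHOST | NI_NUMERICSERV) != 0)
        return -1;
    snprintf(buf, n, ss->ss_family == AF_INET6 ? "[%s]:%s" : "%s:%s", host, serv);
    return 0;
}

/* Client side: try each returned address in turn; -1 if none connects. */
int connect_any(const char *host, const char *port)
{
    struct addrinfo *res, *ai, hints = { .ai_family = AF_UNSPEC,
                                         .ai_socktype = SOCK_STREAM };
    int fd = -1;
    if (getaddrinfo(host, port, &hints, &res) != 0)
        return -1;
    for (ai = res; ai != NULL && fd < 0; ai = ai->ai_next) {
        fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
        if (fd >= 0 && connect(fd, ai->ai_addr, ai->ai_addrlen) != 0) {
            close(fd);
            fd = -1;
        }
    }
    freeaddrinfo(res);
    return fd;
}
```

A server follows the same loop shape, calling bind and listen on every entry returned with the AI_PASSIVE flag instead of stopping at the first success.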

In PHP, the main thing to watch is that $_SERVER['REMOTE_ADDR'] may contain not only an IPv4 address but also an IPv6 one, if your web server supports it.

Source: https://habr.com/ru/post/53625/

