IPv6, DNS, SystemConfiguration and GitHub PR

[solte...@gmail.com]

Hi.

Currently when you connect through Tunnelblick, even if you get an IPv6 address from the VPN server, SystemConfiguration isn't informed about it -- scutil related parts are really hacky and don't consider IPv6 at all. (Btw, Viscosity handles this correctly and IPv6 "just works" in it).

Because of that, even if IPv6 network is reachable, mDNSResponder and other built-in resolving mechanisms never try to fetch AAAA records and connect via IPv6.

On the other hand, apps like Google Chrome which do resolving on their own often ignore "fetchA / fetchAAAA / fetchALL" flags, and because of that IPv6 works fine in Google Chrome.

I've made a Pull Request on GitHub which fixes this issue, and also adds handling for DNS6 setting pushed from server (they were just ignored before).

However, I've got almost no reaction, and nobody really reviewed it, not even talking about merging it in.

Since it only changes scripts, I can of course just edit them locally and tell Tunnelblick to ignore hash mismatches -- but that doesn't seem elegant for me.

There is no info about this IPv6 DNS issue even on Tunnelblick website, afaik -- so in case somebody encounters same issue he'd probably have to dig into configd, mdnsresponder and other parts of apple programs just to get the idea of what causes the issue./

There already were reports of it, and I also know some users who just bought Viscosity because it works unlike Tunnelblick.