I just made a VPN on Linode for openvpn, and im confused on if it is actually masking my location. Using whats my ip address, it says my ipv6 is where i actually am, with the actual isp information, but my ipv4 says what the vpn is supposed to be. Does my isp look at ipv6? is it a problem with the dns im using(adguard dns)?
just turn off ipv6. you really dont need it in most use cases.
Ever see movies like Star Gate or Interstellar where people use worm-hole tunnels to essentially teleport to different locations across the galaxy?
The exit interface on your Router that connects to the wild internet (DMZ) is literally called “The Gateway.” The VPN tunnel connects your gateway to another gateway at the other end of the VPN Tunnel.
So basically your internet traffic enters this Encrypted VPN tunnel and Exits out the other end, which can be on the other end of the world. Your data then assums the IP of the Gateway Tunnel endpoint, which the Internet Service Provider has registered as a geographical tunnel.
Your can visualize this as your web traffic being teleported through a Star Gate if that’s helpful.
Your VPN is not working correctly. Your VPN is only proxying IPv4, while you have an dual stack internet connection. Upgrade your own VPN server to also carry IPv6 to prevent any traffic outside the tunnel
https://www.whatismyip.com Will show the location of the servers from which people see you surfing the web (the physical location of the VPN providers servers). There are alot of complicated nuances to it such as browser cookies on your computer that may expose your actual location, or ways experts may have of examining your connection, etc. but basically that one sentence above is the main idea.
r/technicallythetruth
how can i do that? again, i’m using linode openvpn, and not from my own computer
oh i already did turn it off it seems
Just found out most VPN clients are not shielding your IPv6 address.
Was a bit of a chore disabling it in Linux.
This should be all you have to do on the linode for most major linux distros:
sysctl -p net.ipv6.conf.all.disable_ipv6=1
sysctl -p net.ipv6.conf.default.disable_ipv6=1
sysctl -p net.ipv6.conf.lo.disable_ipv6=1
This will make the change persistent. If you want to flush these changes at reboot or something use the commands with -w rather than -p
Don’t disable it. Get a VPN that supports v6, and put the v6 down the VPN too.
We’re long past the point where disabling it is sensible, and you shouldn’t be paying for a VPN that makes you want to do so.
i opened the linode lish console, and it said there was no such file or directory
It isn’t the client’s fault, it is because the VPN provider doesn’t support IPv6. As the other comment says, change providers.
Most cloud VPS providers including Linode do indeed have ipv6. So that’s certainly not the issue. They aren’t even a vpn company. OP is using a cloud vps to set up their own vpn server.
It’s iptables rules in the postup of OP’s Wireguard config on their vps server not MASQUERADE’ing ipv6. The alternatives are to masquerade ipv6 via ip6tables or disable ipv6 on both Wireguard VPS server and client (or at least the client) to prevent leaks.
Assuming they aren’t trying to spilt-tunnel or something else on the client this is probably the actual issue. Or forgot to include ipv6 in the allowedips on the client if they didn’t already masquerade/disable ipv6 on the server.
I do not need or want IPv6. Provider’s client does a fine job firewalling IPv6 on everything but Linux. Linux requires fiddling, which we all know. I’m okay with it. Provider is great.
run the 3 *separate* sysctl commands one at time. It shouldn’t even be trying to access a file so I’m not sure what “no such file or directory” is even showing up for, sounds like it was entered wrong in some way.
You don’t need to disable or masquerade it. Linode provide a routed /56, so just pick a /64 from that and use it for Wireguard.
yeah i did one at a time, each one saying the same thing for each line
Even if you use -w instead of -p?
What Linux distro is it?
Here’s another way, this should allow ipv6 through the tunnel for the server config:
ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
It’s basically like the iptables rules you already have for PostUp in the Wireguard server config, except these are ip6tables for ipv6 rather than only iptables for just ipv4.
Also on the client config be sure ipv6 is included in AllowedIPs. For example this forces ipv4 and ipv6 through the tunnel for the client config:
AllowedIPs = 0.0.0.0/0, ::/0
sorry for late reply, but i just did it right now
it echoed everything after “sysctl -w”
but also, im looking at how much traffic is going thru ipv4 and ipv6, and the most thats gone thru ipv6 was 3 bytes earlier this morning, so i assume it was already disabled