-
Notifications
You must be signed in to change notification settings - Fork 442
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
miniupnpc: Can only open IPv6 ports if XML root device description URL is set #703
Comments
@Self-Hosting-Group If the URL is right (with a IPv6 GUA) then miniupnpc will use the GUA. |
It turned out that the bug was not in the client, but in the daemon. The daemon was compiled with UPNP_STRICT, which probably inadvertently disables multicasting on the IPv6 GUA, so the client only discovers the IPv6 link-local endpoint URL and not the GUA. The following PR #738 fixes the daemon. On the client side, the only thing missing with IPv6, if it's not too complicated, is the ability to select the IPv6 GUA address to use. |
The Daemon is advertising it's GUA based URL even when using linklocal Multicast address ! |
If daemon is compiled without UPNP_STRICT
If daemon is compiled with UPNP_STRICT
|
I have to check in the standard what address it is supposed to return in the announcement. |
https://openconnectivity.org/upnp-specs/UPnP-arch-DeviceArchitecture-v2.0-20200417.pdf
|
I think there is no bug in miniupnpd according to the standard. Also I think I need to make sure that miniupnpc first use FF05::C then FF02::C |
The standard mandates which IPv6 address to use in Location: see #703
Otherwise, the URL with the IPv6 link-local address is used after discovery, which does not allow ports to be opened for IPv6 GUA addresses.
Also, the exact IPv6 address to initiate the request is not selectable, which is a limitation for client operating systems where multiple temporary IPv6 GUA addresses are typically used.
Control points that have not been authenticated and authorized as defined in IGDv2 SHOULD use their
IPv6 GUA when calling this action.
https://upnp.org/specs/gw/UPnP-gw-WANIPv6FirewallControl-v1-Service.pdf#page=17
Update: Only occurs if the daemon was compiled with UPNP_STRICT defined
The text was updated successfully, but these errors were encountered: