thanks for making the great iOS App! It worked really well and I've been able to set up a OpenVPN thingy using my Linux Server for the first time without any major hickups by following guides and reading documentation!
One (for most people probably very minor) thing I've noticed though:
My Server is so far only configured for ipv4, therefor also OpenVPN on the Server is running with v4 IPs.
[i'm using the tun device, server 10.8.0.0 255.255.255.0, push "redirect-gateway def1", push "dhcp-option DNS (myserverip-which-does-public-dns) - and i've configured iptables to do NAT]
On my home network however I've also got ipv6. The iOS device therefor is connected by both ipv4 and ipv6 to the internet.
Any server that is reachable via ipv6 will therefor bypass the VPN! Even though the VPN is connected and all data should be securely sent over the VPN, the v6 data does not get sent over VPN and will silently bypass it.
Due to the mediocre adoption of v6, this is probably not a huge problem yet... Still, this does strike me as a slight security problem in case you had hoped to tunnel all data across an insecure network using the VPN and suddenly some of the data now gets sent in plain.
Does someone know a simple solution for this? It's not possible to disable ipv6 in iOS (as far as i know), so the only solution i could think of is configuring the OpenVPN Server to also provide an IPV6 gateway... Which would be a lot of work since I don't have much experience with ipv6 on the server yet
(also, since ipv6 in openssl has officially only been supported for like a few weeks, there are probably a lot less guides on how to do it)
Any ideas?
