We have received a lot of requests from users to support IPv6 in our infrastructure but due to security concerns, we have been withholding the implementation of IPv6 in our infrastructure until now.
On 27th December 2016, OpenVPN releases the OpenVPN 2.4.0 which is a major upgrades from their previous releases of 2.3 branch.
We have closely followed the development and progress on 2.4 since its early days and decided that the time has come to implement IPv6 without compromising on security. The 2.4 version provides major features such AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy. This new release will be implemented in ALL our servers in due course over the next few weeks and we will provide updates regularly on the development of the client side or our GUI. GUI is not being updated now due to the many variations of stability issues for the many different operating system and firmwares being used by you.
For now, we are releasing 2 beta servers, a Luxembourgh and Singapore servers that will be running a dualstack IPv4 and IPv6 protocols. Please email us any feedback to firstname.lastname@example.org.
To connect to the beta servers, please update your configuration files via the respective client that you using and select the IPv6 beta servers nearest to you for best performance.
Any valid subscribers can use this server and do your IPv6 testing but for major security reason and anonymity, we are implementing only routed-shared-ipv6, meaning all users will anonymously share a single ipv6 address to access the internet during the active connectivity. You may use this server, irrespective whether your ISP has given you IPv6 or not. If you do not have IPv6, this will enable IPv6 for your internet access.
As for those who are having native IPv6 with a /64 support from their ISP, please be aware of the security implications of enabling IPv6 in your local network.
Caveat: During our testing, some browsers may not be using IPv6 as their default DNS and thus will fail DNS6 test in certain test site.
You may visit www.ripe.net to see if your connection is using IPv6 or IPv4 addresses.