I have set up an OpenConnect server (ocserv) on CentOS 8 that is quite fast. However, when I enable IPv6 on it by uncommenting the following line, it becomes painfully slow and upload becomes almost zero.
#ipv6-network = fda9:4efe:7e3b:03ea::/48
I tried enabling ipv6 forwarding and ipv6 masquerading, but it did not help.
It’s worth mentioning that clients realize that IPv6 is supported by the server as they show the IPv6 address given to them by the server. For example, when connected to the server using openconnect the log says:
Connected as 10.10.10.15 + fda9:4efe:7e3b:6b40:f973:5a56:56a0:b1a8/64, using SSL + LZ4, with DTLS + LZ4 in progress
Tried disabling dtls with –no-dtls flag, but it didn’t help.
I need the IPv6 support because some websites require IPv6 and if your ISP has IPv6 support, but your VPN server does not support it, then you are exposing your real IP address to the server, rendering VPN connection useless.
Does anyone know how should I enable Ipv6 support for the VPN server without affecting connection speed?