2

Some family members asked me to help configuring WinSCP. They need to connect to multiple servers some of which are dual stack and some which are IPv6-only.

What we did so far is the following:

  • Install WinSCP from https://winscp.net/
  • Generated a keypair
  • Saved different combinations of hostname and username in the Login window.

This works great for connecting to dual stack hosts. But attempting to connect to any IPv6-only host results in the error message:

Host "hostname.example.net" does not exist.

But the hostname I am using is correct. For further investigation I have connected an Ubuntu 14.04 machine to the same LAN. And on the Ubuntu machine I type:

ssh hostname.example.net

The Ubuntu machine connects to the very same hostname without any problem.

I looked at the network configuration and on both machines I observe the same:

  • The wireless interface has an IPv4 address
  • The wireless interface has no IPv6 address
  • There is a Teredo interface which has successfully acquired a correct IPv6 address

The IPv6-only servers which we need to connect to are on a LAN with a dedicated Teredo relay, so a reliable connection should possible, and indeed it works from the Ubuntu client.

What do we need to change in the configuration of Windows and/or WinSCP to successfully connect to an IPv6-only host?

(Teredo is not a requirement if there are better alternatives. It just happens to be the only IPv6 address configured on the Windows machine by default.)

kasperd
  • 2,931

2 Answers2

1

The problem was that Windows did not attempt any AAAA lookups, presumably because it is not considered worthwhile to perform AAAA lookups when the only IPv6 address is a Teredo address.

IPv6 connectivity is working as long as an explicit address is specified.

So I managed to get connectivity by replacing the name in the hostname field with the actual IPv6 address of the server. After doing that WinSCP was able to connect.

In my case the servers have static IPv6 addresses (at least for as long as they stay with the current provider). So having a static IPv6 address in the WinSCP saved logins is not a major problem.

kasperd
  • 2,931
1

As described in a Microsoft technical note (http://technet.microsoft.com/en-us/library/bb727035.aspx), a Windows Vista or Windows 7 client will not query the DNS for an IPv6 address (query a DNS name for a AAAA record) if the only local IPv6 interfaces are link-local and Teredo interfaces. In other words, while Teredo may be enabled on a large number of end systems that are connected to the Internet and located behind NATs, such systems will not invoke Teredo to access an IPv6-only URL in the normal course of events because they will not query the DNS for an IPv6 address to use.

Geoff Huston, Testing Teredo

However, it is apparently possible to alter this behaviour. In your favourite registry editor, navigate to the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters and add a DWORD value AddrConfigControl set to 0.

Unfortunately, there does not appear to be any official documentation for this setting.

Bob
  • 63,170