-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Portcheck broken for ipv6 capable systems. #3102
Comments
Since redundant DNS records aren't harmful, there could be more records: This way there would be a possibility to have options 1 and 3 at the same time. |
True, but I would prefer not to have both A and AAA records for the same name because it is ambiguous, you don't know if v4 or v6 is being tested. When a user tests "THE port" he/she usually assumes v4 unless otherwise specified. |
I dont know. Port checking is a feature of Transmission for which I am reporting the issue. I have not read the BT spec and I dont think it is relevant for me to do so.
I thought "Opening a port" in IPv4 world translates to "creating a NAT port forward mapping in the router" and in IPv6 world it means "creating a pinhole in the firewall". Sorry for not being specific enough.
The issue is not related to DHT.
If most users have intimate knowledge about ip6 networking and its implementation in transmission, then indeed I am wrong. Otherwise maybe you need to educate them so they make the correct assumption. Even if the user is educated and on ipv6 capable network, then it is still very relevant to test the ipv4 port for connecting with the other 62% who are not so lucky to have ipv6.
I tried to be brief and to the point without telling the dns admin in detail how to do his/her job.
|
I am confused by this reply. The issue is not related in any way to DHT or firewall problems. |
We have confirmed a bug, which is, the Outgoing Port Status checker will fail and report 'portTested: http error 400: Bad Request' when we are using Transmission and check the outgoing port status in IPv6 Network. This bug will make the task failed, however, there are no removing conditions relying on this status. Therefore we remove it. Closes #101, #135. This bug is in Transmission, which can be referred to transmission/transmission#3102, not in our software.
We have confirmed a bug, which is, the Outgoing Port Status checker will fail and report 'portTested: http error 400: Bad Request' when we are using Transmission and check the outgoing port status in IPv6 Network. This bug will make the task failed, however, there are no removing conditions relying on this port status. Therefore we remove it. Closes #101, #135. This bug is in Transmission, which can be referred to transmission/transmission#3102, not in our software.
Yeah I have IPv6 and the port checker just hangs at "testing TCP port" forever... |
@ploink The way this issue is being misunderstood is infuriating! I'm guessing that the client needs some new behavior along the lines of:
That part should be easy. The hard part is getting whoever runs |
I sent an email to dev@tran[...]bt.com asking who maintains that endpoint. By the way, I disagree that |
@ValZapod Thank you for your comments. Can you propose a solution to make portcheck work properly?
In case this is a #WONTFIX issue then I propose just removing the portcheck completely from transmission as there is no point in keeping broken stuff that does not work and just frustrates many users. |
I'm thinking of two ways:
|
Sorry pressed wrong button on my mobile. |
Can you be more specific about the environment you're referring to here? Of course you can query for A or AAAA records by sending DNS queries over either IPv4 or IPv6... |
We can ignore the authenticity failure on the client side, or if we really care, check for subject name/alternate name of |
I agree. I only looked briefly at the source some time ago, but I guess transmission is just using a simple url library for the request that does not support specifying the protocol to use (like you can do with "curl -4" and "curl -6"). Using two hostnames that resolve to predictable protocol versions is the least complex. |
Wait, what? I think we must be talking about two completely different things or entirely different OSI layers... Transmission is not a web browser, so it doesn't need to implement Happy Eyeballs, and I don't believe it currently does for any of the other communication it uses. It talks to peers and trackers using IPv4 and IPv6, is capable of listening on both addresses at once, registers itself with the trackers as both types of host addresses... |
Are you talking about Transmission for macOS using the (now deprecated) NSURLConnection API?1 That does seem like a problem, and it should use the
|
Yes that was the source google found for me. It may be complicated to achieve what you want to do, but I am not a C programmer so I am not sure.. The simplest solution for now imho is tweak the dns but that appears to be impossible and I am getting doubts about portcheck in general. |
@ploink I see you've changed your mind about whether this needs to be fixed. I personally would find it useful, especially if it can show a separate status for IPv4/v6. Either way, I don't think the broken behavior should remain. |
I'm using transmission on an apple silicon m2 air, and I have an xfinity router. I did a port forward for 51413 on TCP since that's what the portforward site said this app uses. after that, I also set the port in transmission to 51413 and unchecked randomize. it then said "port is open" and my files are being seeded, though nothing in actually uploading to anyone. I then checked the settings again and "port is open" was changed to "port check site is down." my router does have IPv4 and v6. so basically, it says i'm seeding, but nothing is actually being uploaded, and "port is open" is not coming back. thanks for any help you can provide. |
I would strongly encourage that we just do the dual dns entry feature, it's the simplest: portcheck.transmissionbt.com should resolve to resource records that include both an A and an AAAA record (leave it alone for backwards compatibility with old versions). portcheck4.transmissionbt.com should resolve to only an A record. as far as any SSL certificate crap, a new cert can be generated that all three names in the subject alternate field. This requires the transmission daemon to do TWO port checks to confirm v4 and v6 availability but the underlying code is entirely "library and cross-platform independent." |
Yes, now does anybody know who runs that host and the web API it vends? That's the real problem here. |
Courtesy response to at least let you know I've seen the ticket -- I didn't set up portcheck.transmissionbt.com and TBH don't remmber who did. Maybe @livings124 does. |
I don't remember unfortunately |
@ckerr @livings124 This is a pretty unusual situation to have a service up since 15 years and nobody knows (anymore) who is in charge, what is run and how to upgrade it! AFAIK IP belongs to OVH and is rented by Kimsufi.com I see two ways to deal with the problem:
Would you consider to relaunch a new service - strictly controlled - behind `portcheck.transmissionbt.com? |
My best guess for who would know how to alter the service is @titer |
I just checked this again and the problem persists. If I disable IPv6 in my router transmission shows "Port is Open". If I enable it again and wait a few minutes it shows "Port is closed". I had tried back in October 2020 with the same results and reported it in #1190. I don't really think that I can help much to solve this problem except by thanking everybody who has helped diagnose it and by reiterating that this is a very important feature for users, especially not very tech-savvy ones. |
Hey, sorry for having overlooked this for so long (yes, I am still alive) - I just added a repo for the portcheck service and checked in the decade-old implementation -> https://github.com/transmission/portcheck It is fairly small and would need little effort to add IPv6 support, I may do it later this week unless someone else wants to give it a shot first |
@titer Thank you very much, we might consider moving this ticket there then!? |
I think that's a good idea since this isn't something that can be fixed in the I'm going to close this one. I see there are a lot of people watching this ticket, so, everyone, go sub to the new one... |
Portcheck has been broken for ipv6 capable systems since the DNS AAAA record was added back in 2017 #381. When the system resolves the AAAA record and uses ipv6 for the portcheck request, it receives "400 Bad Request" because the server side script at that URL is not ipv6 capable.
We are in 2022 now and worldwide ipv6 adoption is at some 38% according to google so this affects many users.
There are several options to approach this:
The text was updated successfully, but these errors were encountered: