Port Forwarding Leaks IPv6
I'm trying to set up my torrent client. I have no issues setting up the proxy following forum instructions, but I figured I'd try port forwarding since I hear it's faster. I think I must not be setting it up right because when I use ipleak.net to check my torrenting, I get an IPv6 announce with my actual IPv6 address. This doesn't occur when I use the proxy.
To setup port forwarding, I'm just connecting to CA-Toronto, inputting the tooltip port into uTorrent and disabling UPnP and NAT-PMP. IPv6 leak protection and Port Forwarding are both checked in the PIA app. Am I missing something?
To setup port forwarding, I'm just connecting to CA-Toronto, inputting the tooltip port into uTorrent and disabling UPnP and NAT-PMP. IPv6 leak protection and Port Forwarding are both checked in the PIA app. Am I missing something?
Comments
The IPv6 leak protection helps, but it is hardly a solution to the IPv6 problem. Just stick with IPv4 if you want your privacy.
netsh interface teredo set state disabled" and "netsh interface ipv6 6to4 set state disabled" commands. I also disabled ipv6 for all adapters via the network and sharing center. I no longer see an ipv6 on ipleak, but ipconfig still shows a Link-local IPv6 address, should I be worried about this/is there something else to disable?With my port forwarding now set up like this, should my traffic still be encrypted from my ISP?
Another question I'm not sure about is the "Allow incoming legacy connections". If I have this checked can the VPN tunnel still keep the connection encrypted or no? Will it really slow things down that much, or will DHT take care of it?
Sorry for my ignorance, I'm just not really understanding a lot of these other detailed settings. Is there any sort of guide for what setting should be used for port forwarding like there is for using the proxy?
I think you can try the legacy switch and see if it works or not. I doubt turning it off will change anything important. And if you lose connectivity, then you know you have to leave it on I suppose. (Sorry. I am not much of a torrent person.)
The VPN tunnel will always be encrypted unless you disable encryption manually from the application. And things will certainly be slower on the VPN, especially with regard to upload speeds. There really is no good setting for that issue.
Regarding the Link-Local IPv6 address, Windows is a bit sloppy with regard to networks that once existed but may not at the moment. Next time you reboot, I expect those will all cease to exist. And since the protocols they would rely upon are disabled, it does not really matter that they currently exist.
Regarding port forwarding, everything will always be encrypted between you and anything you connect to. The only exception is if you manually disable encryption in the PIA application. But the only reason you may even think of that is if you only cared about speed, and not anonymity.
I wish there was still a guide. There was at one time, but that thread is gone due to a malicious user. (Long story.) Hopefully someone can help explain some of these details a bit more. We all know how it is to start with a VPN and find there is a whole lot to learn.
*Edit* I doubled part of the text here in a paraphrased form. I guess I should bother to read before I post...
I'm not surprised.
When using the proxy, which doesn't use IPv6, the torrent client can't use IPv6. When you allow direct peer connections (without proxy), all available protocols will be used. That has nothing to do with port forwarding.
Link local addresses aren't a problem. As the name suggests, they're local to a physical link and can't actually be routed. Unless some router on your local link does IPv6 NAT, you don't have IPv6 access with those.
Still, they should be off if you disabled all those IPv6 options. Do you have LL addresses on all adapters, or just specific ones?
Legacy unecnrypted connection pertain to the torrent protocol-intern encryption settings, not to the VPN's encryption. It's fine to accept all types of connections when you're using the VPN.
DHT and protocol encryption are unrelated, as far as I know.