Problem about IPv6 fallback to IPv4



  • Hi,

    First of all, thank for your app. But I found it can't connect my servers. I read debug.txt, and it seems that DAVdroid trying to connect IPv6 address instead of IPv4. However, my carrier provider doesn't support IPv6 traffic. And DAVdroid didn't fallback to IPv4(?).

    Version: 1.11.4-beta4-ose from https://f-droid.org/en/packages/at.bitfire.davdroid/
    Android version: 4.4.4

    Here is Debug.txt:
    https://gist.github.com/paperbag/d011820d45338cef9ba2d376b57bf7a0


  • developer

    Hello,

    I don't know whether this falls within the obligation of the operating system or okhttp. However, I wonder why you have an IPv6 address when your carrier doesn't support IPv6?

    This seems to be a network connectivity problem and should affect all apps, not only DAVdroid. Are other apps working?



  • Hi rfc2822.

    I don't know whether this falls within the obligation of the operating system or okhttp. However, I wonder why you have an IPv6 address when your carrier doesn't support IPv6?

    Sorry for my late reply. Let me express clearly.
    My server support both IPv4 and IPv6, and my Android phone only support IPv4. I added both A record and AAAA record for my domain.

    I look debug.txt file, it seem DAVdroid only to connect IPv6.

    Then I deleted AAAA record, and make DAVdroid try again. And it seem DAVdroid connect it, but SSL handshake fail.(I think I should buy a new phone, Android 4.4 seem not supoort TLS1.2)
    https://gist.github.com/paperbag/d011820d45338cef9ba2d376b57bf7a0#file-debug-2-txt

    Are other apps working?

    Other apps works so far, like nextcloud-android, NextCloud SMS. GPSlogger I also meet SSL handshake fail situation.[1]

    [1] GPSlogger developer seem working on support TLS for Android 4.1:
    https://github.com/mendhak/gpslogger/issues/637



  • I add TLSv1 support for Nginx confifure. And upgrade DAVdroid from F-droid. It work now.

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA';
        ssl_prefer_server_ciphers on;
    

    0_1532353561937_Screenshot_2018-07-23-21-42-29-786_at.bitfire.davdroid.png



  • I'd like to bring this back up. I'm having the same issue as OP describes when trying to connect to a server that has both A and AAAA records, but the phone is IPv4-only.
    There seems to be an issue with IPv6/4 Fallback. I'm trying to figure out whether or not this is related to the OS (by means of simply connecting to the same server via Browser) or if it's related to DAVDroid or one of the libraries it uses. Will report back when i have more information at hand.

    /edit: I'll try to provide an easy-to-read summary:

    • Server software: mailcow->SOGo
    • DAVDroid Version: 2.0.3-ose (244), most recent version from F-Droid
    • Server supports dual stack, has A and AAAA records published (rDNS matches as well, for what it's worth)
    • Phone is connected to IPv4-only WiFi
    • No connection attempts observable at the server

    If i understood correctly, OP's fix was to remove the AAAA record, that is not an option in my case.



  • Update: It was indeed just an encryption Problem. The client is running Android 4.4 and i had no supported cipher configured. Weird that i don't see the handshake error in nginx logs though.



  • emmmm. I meet this problem again.