During the review of iOS project, I encountered the problem that the server was rejected because the ipv6 only network could not access the server. Ali Cloud was used by the server, and the problem was solved after looking for information. Here I summarize the experience
How does Ali Cloud server set IPV6 to pass appstore audit
#### apple requirements: IPV6only support (because Ali Cloud host does not have IPV6only)
Check whether IPV6 is enabled:
Method 1: Run the ifconfig command to check whether the IP address contains an IPv6 address.
Method 2. Check whether the IP address monitored by the service contains an IPv6 address. (netstat – tuln)
Open the IPV6:
vim /etc/sysctl.conf
vim /etc/modprobe.d/disable_ipv6.conf
vim /etc/sysconfig/network
The ipv6 server support is complete. Restart the server to test whether ipv6 is supported. After restarting the server,ifconfig checks the ipv6 information and sees the ipv6 output
Adding an ipv6 tunnel:
1. Register the Tunnel broker
https://www.tunnelbroker.net/ registration is easy, do not speak, need email verification, registration, gmail, 163 can get certified mail, qq still not receive
2. Create a Create Regular Tunnel.
Enter the CLOUD server IP address, select the default Tunnel node, and click Create Tunnel. If “IP is a potential tunnel endpoint.” is displayed, ipv6 tunnels can be added. Generally, tunnel nodes are allocated by default and you can manually select them.
3. Create aN ipv6 tunnel and route
Go to the next page and switch to the Example Configurations TAB. If your VPS is centOS/Debian or other common Linux, select Linux-Route2 from the drop-down menu and the setup command appears, copy it to your cloud server and run it.
4. Test ipv6
Add ipv6 DNS server, in the final add nameserver 2001:4860-4860: : 8888, nameserver 2001:4860-4860: : 8844 Google ipv6 DNS server
# vim /etc/resolv.conf
options timeout:1 attempts:1 rotate
nameserver x.x.x.x
nameserver x.x.x.x
nameserver 2001:4860:4860::8888
nameserver 2001:4860:4860::8844
Copy the code# ping6 -c 5 ipv6.google.com PING ipv6.google.com(tsa03s01-in-x0e.1e100.net) 56 data bytes 64 bytes from Tsa03s01-in-x0e.1e100.net: ICmp_seq =1 TTL =55 time=25.5 ms 64 bytes from tsa03s01-in-x0e.1e100.net: ICmp_seq =1 TTL =55 time=25.5 ms 64 bytes from tsa03s01-in-x0e.1e100.net: Icmp_seq =2 TTL =55 time=25.5 ms 64 bytes from tsa03s01-in-x0e.1e100.net: Icmp_seq =3 TTL =55 time=33.1 ms 64 bytes from tsa03s01-in-x0e.1e100.net: Icmp_seq =4 TTL =55 time=25.5 ms 64 bytes from tsa03s01-in-x0e.1e100.net: Icmp_seq =5 TTL =55 time=25.4 ms -- ipv6.google.com ping statistics -- 5 packets transmitted, 5 received 0% packet loss, time 4031 RTT min/avg/Max/ms mdev 33.180/3.073 = 25.473/27.040 / msCopy the codeAli Cloud service configuration
After the proxy configuration is complete, run the ifconfig command in the server to find the HE-ipv6 virtual network card, find the ipv6 address whose scope is Global, and configure AAAA in the background of Ali Cloud to record the ipv6 address mentioned above
Ali cloud document at https://help.aliyun.com/knowledge_detail/39813.html
Online quiz: zh.infobyip.com/ping-ipv6.g…
Adaptation of IPv6 pit, the ultimate solution blog.csdn.net/u010069091/…
6.1 apps released from the AppStore must be compatible with IPv6. However, the version I released last week was not rejected because it was not compatible, this time it encountered IPv6 compatibility issues… Without further ado, on the code:
+(NSString *) getIPWithHostName:(const NSString *)hostName { struct addrinfo * result; struct addrinfo * res; char ipv4[128]; char ipv6[128]; int error; BOOL IS_IPV6 = FALSE; bzero(&ipv4, sizeof(ipv4)); bzero(&ipv4, sizeof(ipv6)); error = getaddrinfo([hostName UTF8String], NULL, NULL, &result); if(error ! = 0) { NSLog(@"error in getaddrinfo:%d", error); return nil; } for(res = result; res! =NULL; res = res->ai_next) { char hostname[1025] = ""; error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, 1025, NULL, 0, 0); if(error ! = 0) { NSLog(@"error in getnameifno: %s", gai_strerror(error)); continue; } else { switch (res->ai_addr->sa_family) { case AF_INET: memcpy(ipv4, hostname, 128); break; case AF_INET6: memcpy(ipv6, hostname, 128); IS_IPV6 = TRUE; default: break; } NSLog(@"hostname: %s ", hostname); } } freeaddrinfo(result); if(IS_IPV6 == TRUE) return [NSString stringWithUTF8String:ipv6]; return [NSString stringWithUTF8String:ipv4]; }Copy the codeThis code determines whether the IPv6 environment and resolves the domain name to obtain the IP address.
Test, first to configure the IPv6 network environment, as to how to configure, self Baidu “how to build IPv6 test environment”.
However, after the successful configuration, the WiFi DNS connected by the mobile phone is also correct, how to run the program test is not successful, find a lot of information, guess is the DNS resolution problem.
Instead, unplug the network cable, connect it to WiFi on your MAC (there is no WiFi and you can share the hotspot with your phone’s traffic), and then configure IPv6 using the previous method in sharing. Remember to select “Create NAT64 network”. At this time directly through the simulator test succeed!
The test was successful. You think that’s all right? The submission can still be rejected, the phone and Mac are IPv6, but the Mac and your server are IPv4 connected.
If this test passes, it indicates that your client application is (mostly) fine on an IPv6 network, but it does not verify that your server responds properly to IPv6 networks. However, when Apple audits it, it goes to the DNS server and asks for your server’s IPv6 address and then accesses it. If the IPv6 address cannot be queried, the system queries the IPv4 address and converts it to the IPv4 address. Apple explicitly states that servers do not need to support IPv6, but one thing apple fails to point out is that while your server does not need to support IPv6, it must respond correctly to IPv6 DNS queries.
How do you test it? Use the following command:
$ dig +nocmd +nostats example.com AAAA
Copy the codeIf the status returned is NOERROR, there is basically no problem, but the tests must pass in multiple network environments. If you return something else, especially in the case of SERVFAIL, it’s a disaster. Since you have verified that the client has no problems, now you need to do, is to urge your operations, background, etc., to change the DNS configuration, until the stable return NOERROR.
Other references: blog.csdn.net/nil_lu/arti… Ali Cloud HTTPS protocol related support