Support for IPV6 needs to be greatly improved

IPV6 is a reality with more than 40% of traffic now being IPv6
See https://www.google.com/intl/en/ipv6/statistics.html

Many countries & networks are either IPV6 only or IPV6 is the primary network. In such scenario, I feel bitdefender lacks the required adoption. As soon as I made my network IPV6 only, bitdefender blocked everything, not even an alert on bitdefender that it is blocking & action needs to be taken. After lot of digging I realized to make my network trusted on bitdefender.
While posting this discussion, I can see users have already posted the issues here as much as 8 years back. It seems 8 years were not good enough to imporve the IPv6 adoption.

In today's world of AI, bitdefender should atleast audit the network and should recommend the actions. You cannot expect your users to be expert on networking or even computing.

Now since I had done so many changes in bitdefender settings for network to work, I felt I might have made the machine vulnerable. Here too an option of making all the settings to reset to factory by just click of a button was expected, but not to be there. Instead I had to reinstall bitdefender to go back to the default settings. After reinstallation, I was trying to login on my bitdefender application on the machine, it simply prompted unable to reach network, so I had to tether to my mobile IPv4 network to sign-in. This definitely is a roadblock to using bitdefender.

Find more posts tagged with

Active

ipv6

fw ipv6 block

Status: Active

Comments

Flexx

https://community.bitdefender.com/en/discussion/100187/support-for-ipv6-needs-to-be-greatly-improved

I moved your topic to the product features and ideation category. Your feedback will be shared with the developers automatically.

Also, @camarie can provide some insights here.

Regards

camarie

I don't know all the places where we might need improvement, but I noticed the team and we will plan improvements on this, too. Thank you for the feedback !

anotherearthling

My 2 cents ....

Answering the following question could be the right start ...

Does bitdefender installs 100% with all use cases in an IPv6 only network?

In my experience, No.

camarie

Followup: IPv6 support is present in the product for a long time.
If the network is untrusted, blocks works using the default rules, on certain ports on certain protocols (ex. share, RDP, ping etc.) and it should be the same on both IPv4 and IPv6. If you can open a support ticket and could get the internal logs we could check exactly what is blocked and what is not, in order to determine if there is indeed a protocol-related bug or is just a network configuration thing.

Regarding "Does bitdefender installs 100% with all use cases in an IPv6 only network?"
Is there a particular use case you are mentioning?
(I have forwarded anyways to the colleagues knowing more than me this thread).

anotherearthling

Yes, following are what I experienced.

The 1st time, I tried installing on IPv6 only network, it gave me login page, where-in after putting the credentials it gave error unable to reach server. I kept trying for 30 min. or so, assuming it could just be a coincidence that server could be down. But no success. After putting it on IPv4 network, it could login & installation completed without any issue.

The 2nd time when I tried re-installing on IPv6 only network, it asked me to enter code, where-in I clicked on "I already have subscription.... " But it kept giving me error, "No subscription found" even after trying multiple times. Again as soon as I put machine on IPv4 network, installable was able to fetch the subscription from server and installation completed without any issue.

Hope it helps.

camarie

Thanks for feedback. That would narrow down the issue you are facing to the installation agent. I will escalate this to the appropriate team.

anotherearthling

https://community.bitdefender.com/en/discussion/comment/340332#Comment_340332

Just to mention the above was done after removing bitdefender with option to not save any settings or file.

Thus I believe the above was a completely fresh installation. So in my opinion the network being trusted or not should not be of relevance since it was an installation.

camarie

https://community.bitdefender.com/en/discussion/comment/340336#Comment_340336

Indeed. Then it should be something related to the install agent. I will open an issue on that immediately.

camarie

How is your network configured? Do you use a router with IPv6 only enabled, or both IPv4 and IPv6, and on your connection (either LAN or wireless) is only IPv6 enabled, or both IPv4 and IPv6 ?

Our test team attempted to reproduce but without success, in all tests it worked correctly in an IPv6 only environment.

camarie

Followup: the testing team tried with IPv6 only to reproduce, to no avail. If you can go into more details than can help us pinpoint the possible problem it would be very helpful.

anotherearthling

Machine on which I found the issue has OS Windows 11 23H2 (22631.3737). The network on the machine is depicted in the network diagram

anotherearthling

@camarie This is now getting a bit frustrating. While I begin to feel all is well after bitdefender installation & also setting my WiFi AP as "Home WiFi" under "Vulnerability/WiFi-Security Advisor". But afraid, that was not to be.

IPv6 only network is not consitent on the machine with Bitdefender installed. To diagnose better, I started doing a ping to my router on its local-link IPv6 address. I observed that when firewall was turned on, the packets were dropping incosistently, but when I turned it off there is not packet being dropped consistently.

To share with you a sample analysis, I made a screen video recording hoping that it will help. In the video, you will find the ping command running on left hand side, while on right hand you will see the bitdefender app.
1. At the start you will find the firewall turned on. Thereafter you will see the command to ping the local-link address of the router being executed. The command runs for ~2 mins.
2. After 2 min, when the ping command is stopped, we can observe there is 37% packet loss.
3. Thereafter the firewall is turned off and the ping command executed again for ~2 min.
4. After 2 min, when the ping command is stopped, we can observe there is no packet loss.

Please note though this is just one sample, I have tried this for an hour, where-in there has been no packet loss when firewall is turned off, but there is always some packet losses when firwall is turned on. And also there was no network issue on any other device on the same network.

https://vimeo.com/965606984

This time I would like to take this as a p1 issue to the support team. Please help me to take it up or guide me to go about.

camarie

Thank you for the detailed explanation. This is something else compared to the first post.

Forwarded right now to the appropriate guys anyways. I will stress them to test this as soon as possible to attempt to reproduce.