Getting User IPv4 Address with IPv6

Hello!

There are many ISP who provide a user with 2 IP Addressed IPv4 and IPv6 and if we go on to the sites like https://ipv6-test.com/ they will show the both. Now my server has some logic to deal with IP.
I want to prefer IPv4 over IPv6. So I am searching for some way to get both these IP in header and if IPv4 doesn’t exists my server will use IPv6. Currently what is happening is, even though a user has public IPv4 in headers I am only getting IPv6.

I need true IPv4 address not a pseudo one. So the pseudo IPv4 setting won’t work.

Kindly let me know if there exists any solution for this. Thanks!

IPV6 testing sites function by asking the browser to fetch additional resources from various other hostnames, some of which are IPV4-only, some of which are IPV6-only, and some of which are dual-stack.

Like if you load up https://whatismyipaddress.com/ (with a dual-stack connection) you should see the IPV6 IP populate immediately, while the IPV4 should take some time to appear, because it’s using Javascript to query an IPV4-only hostname and then updating the page based on the results of that.

Try turning off Javascript on any of these sites and see if they still display both IPs (they won’t)

A web server or proxy (including Cloudflare’s proxy) can only see the specific IP that a client is connecting from. There’s no direct way to query other IP addresses that may exist on the client.

If you want to capture the IPV4 IP of visitors, you could maybe include an image tag pointing to a grey-clouded IPV4-only subdomain

or use Javascript to make a call to a grey-clouded IPV4-only subdomain, or a third-party service

for example, using Javascript to get https://api4.ipify.org/ should always return the IPV4 IP while getting https://api6.ipify.org/ should always return IPV6 IP

the Javascript could store those in variables and then send the data back to your server

or you could consider turning off Cloudflare’s “IPV6 Compatibility” feature (not possible via dashboard but possible via API as far as I know). This would prevent IPV6-only clients from connecting to you, BUT it would guarantee that the connections you do get will be IPV4-only.

Also keep in mind that clients will frequently have multiple IPV4 and IPV6 IPs. With IPV6 it’s almost guaranteed. At best you’ll likely only be able to capture one of each.

also I just remembered the existence of WebRTC

in theory it could allow a server to query a connecting client and get a list of ALL the client’s IP addresses including internal/NAT/private addresses

I’ve seen it work in the distant past

however all modern browsers probably (hopefully?) block that kind of IP querying even if they support WebRTC in general

because allowing servers to query clients that extensively is bad

I tried a few WebRTC IP detection sites in a few browsers and (thankfully) none of them worked for me

Also, note that at this point most IPv4 client addresses are shared among multiple people, and the best you could do would be to get a CGNAT address that’s being used by hundreds or thousands of people.

IPv4 is mostly for time-travelers from 1997. If you’re depending on logic that assumes an IPv4 address corresponds to a person, you should stop doing that, because it very much does not correspond to a person.

1 Like

I got your point. Yes right the client side script makes two request one to A record domain and other to AAAA record domain which respectively fetches the IP.

But since in my case, the client will be connecting from an open source android application to which I cannot make any such change, I only have control over backend. So there is possibly no way from server side to get IPv4 rather than IPv6 even if it exists.

And @i40west said some points which now makes me feel that I should rather improve my IPv6 algorithm or backend logic. And I guess for the same reason ISP sends IPv6 as default address.

And personally my ISP provides only IPv4 to me, So every week its range changes like 203.103.0.0 or 43.89.0.0 or 202.103.0.0 but from the whole time it stays the same like rotation or something I never got any new range, So this could also be a risk I suppose?

And those who have IPv6, I dont know just a guess they might not get a new range but dynamic IP like 2405:201:fff0:0:0:0:0:0

Thanks to you both.

This setting allows you to get the user’s ipv4 and ipv6, via the http header, I’m not sure if this this ipv4 is the real ipv4 you are talking about, you can take a look.

The ITEF and other internet standards bodies want exactly the opposite so you can’t control that. At multiple labeled in the client OS and applications on the user’s machines small and subtle preferences are implemented to prefer IPv6 over IPv4.

The Happy Eyeballs protocols make it much more likely a user with IPv6 capabilities is going to connect to an AAAA record over an A record. When they do that you see an IPv6 address connecting regardless of whether or not the user may have an IPv4 address.

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.