The annual IPV6 concentration detection of the Ministry of Industry and Cyberspace Administration is coming. In order to detect the IPV6 concentration of applications, it is necessary to summarize the IPV6 concentration detection scheme.

IPV6 Network Environment

Companies have IPV6 environments in place to ignore this section. If not, you can refer to the following steps.

  1. Prepare one Mac, two iphones, and one USB iPhone cable
  2. The cable connects the iPhone to the MAC
  3. Open the iPhone’s personal hotspot and select USB-only. If there is no option, turn off the phone’s Wi-Fi connection and use the phone’s own mobile network and select USB-only
  4. Turn on network preferences and make sure your Mac’s Wi-Fi is on and that you are not connected to any network. Delete the previous network cache in advanced if you already have a wifi connection
  5. To enable system preferences, hold down the Option (Alt) key and click share. If you do not hold down the option key, the IPv6 option will not appear
  6. Choose iPhone USB -> Wi-Fi -> Create NAT64. If no, repeat Step 4 to create a NAT64 network
  7. Select the Wi-Fi option in the lower right corner, with or without a password. Finally, don’t forget to check the option on the left, otherwise sharing will not be opened and Internet sharing will be displayed: Open represents successful operation.
  8. Check Internet Sharing. Use your other iPhone to connect to the IPv6 test network created by your Mac

Traffic monitoring

Next comes the need to monitor mobile phone traffic. Share two ways to monitor traffic.

  1. Tcpdump + wireshark. You can refer to this article if you have jailbroken iOS devices.
  2. Airtool 2 + wireshark. Use of Airtool 2 can be found in this article.

The principle of

Today’s focus is on the second method. IOS does not allow direct logging of packet tracking. However, you can use the Mac Remote Virtual Interface (RVI) mechanism to record packet tracking on connected iOS devices. It works by first connecting an iOS device to a Mac using USB. Next, run the command from the terminal. Apple’s description of how RVI works is in this article. Airtool 2 is implemented based on the remote Virtual Interface (RVI). But Airtool 2 already does this automatically, so you can leave traffic monitoring to Airtool 2. The next steps are to monitor traffic using this scheme.

steps

  1. Check whether rvictl is installed on the CLI. If not, homebrew install rvictl. In addition, Apple chips need to choose System Preferences > Security and Privacy > General, select Allow.

  2. Connect your mobile phone to a MAC using USB. Airtool 2: Select Capture iPhone Packet Traces

  3. You will then see the data load page and proceed to your device, where Airtool 2 keeps recording data. It is possible that there will be a disconnect, for unknown reasons, so try a few more times or switch to this version

    Data loading page

  4. Click “Stop” to find the airTool_2022-02-25_09.11.24.pm. pcapng file and open it with Wireshark

  5. The Wireshark menu bar statics-> EndPoints has both IPv4 and IPv6. To find out which IP address is the phone’s IP address, go to Phone Settings -> wlan ->wifi Details. In descending order of Bytes, the first byte should be your phone’S IP address.

  6. The density of IPV6 and IPV4 traffic is calculated in bytes to obtain 🤠

Finally, the bulk of the traffic concentration is obviously for static files and streaming requests, so focus on optimizing. Our concentration is already over 80%🤠