IPv4 -> IPv6 "bridge" ?
Martin Millnert
martin at millnert.se
Tue Oct 12 15:28:58 CEST 2010
Hi,
On Tue, 2010-10-12 at 11:03 +0200, Xavier Beaudouin wrote:
> We had an idea to do IPv6 only on all hosts and create a kinda bridge with our /21 (at starting) to do IPv4 -> "internal" IPv6 host that must be reachable from IPv4 "old internet", also this mapping has to be done in direction IPv6 host -> IPv4 when this host needs to reach some IPv4 stuff.
> Unfortunatly it seems to be not easy, even in the free world (for example OpenBSD...)...
There are various userspace tcp proxy programs out there (google 'tcp
ipv6 proxy), including socat, which can accept a connection on ipv4 or
ipv6 and forward it to a host on ipv4 or ipv6.
You only have have 2^(32-21) tcp 80 ports to play with though and there
is no clean way around that (dynamic IP/DNS doesn't sound like something
a hosting customer would want, for example). If that's the case, it
gives little benefit to the hosting customer or provider over simply
just giving the IPv4 addresses to the customers directly.
However, if you perhaps aren't dealing with web hosting customers, and
if you can control what port your cloud apps use on the IPv4-frontend,
you suddenly get access to much more capacity (65k ports per address).
Essentially what this comes down to is some variant of the NAT64. I
don't know whether or not there is a suitable implementation already
today, that covers what you need, but I'll point you to
http://ecdysis.viagenie.ca/ where you can read up NAT64.
HTH,
Regards,
--
Martin Millnert <martin at millnert.se>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20101012/8dd10df5/attachment.bin
More information about the ipv6-ops
mailing list