enterprise IPv6 only client computers and IPv4 connectivity

[Henrik Lund Kramshøj]

On 30/04/2013, at 09.03, Mikael Abrahamsson <swmike at swm.pp.se> wrote:

> 
> Hi,
> 
> If an enterprise today would decide that they're going to run IPv6 only on their LAN, they would have recent Win7|Win8|OSX|Ubuntu clients on their client computers, what mechanism would they use to access IPv4 Internet?
> 
> My thinking immediately went to DS-lite, NAT64/DNS64 and MAP-E, but I NAT64/DNS64 isn't "good enough" without 464XLAT, and DS-lite and MAP-E requires additional software on most of these operating systems, right? Are these kinds of client software even available?
> 
> What other mechanism could be used to achieve IPv4 Internet reachability over IPv6 only access for end-systems? HTTP proxy or SOCKS-proxy also sounds too cumbersome.

Just a quick note.

NOT having direct connections from ALL systems inside an enterprise can also be considered a feature.

I have large enterprise customers that would love to cut SMTP connections from inside, but wont since some critical device might be configured to send back support through SMTP to vendor on the outside.

We talk a lot about direct connections, and I wholeheartedly agree, but in some cases having client PCs required to connect through filtering proxies and only sending data outside through other systems is a plus.

Best regards

Henrik
--
Henrik Lund Kramshøj, Follower of the Great Way of Unix
internet samurai cand.scient CISSP
hlk at kramse.org hlk at solidonetworks.com +45 2026 6000 
http://solidonetworks.com/ Network Security is a business enabler