6to4 in Internet aaaa records
Gert Doering
gert at space.net
Mon Oct 13 11:26:40 CEST 2014
Hi,
On Mon, Oct 13, 2014 at 05:50:14PM +1000, Nick Edwards wrote:
> Speaking of 6to4, can anyone recommend an understandable by non
> networking types, easy setup how-to?
It should be pointed out that what you're asking for is not "6to4".
This term describes a very specific protocol that specifies how IPv6
packets are tunneled over IPv4 infrastructure, with the IPv4 address of
the tunnel endpoint identified by the 32bits of the IPv6 address following
the 2002: prefix (yes, I'm back, and had coffee).
What you want is "IPv6 to IPv4 translation" (or proxying etc.), and that
should not be called 6to4, even if the acronym sounds like it is the same
thing.
As far as the actual translation - others have already answered that part,
you can use a "stateful NAT64" box, or a proxy / load balancer that does
IPv6 and IPv4 ("IPv6 request on the outside are forwarded to the IPv4 host
on the inside"), or just a plain TCP relay - depending very much on what
you have.
One of the problems you'll run into with that approach will be abuse
handling, of course. Your IPv4-only machine will see all incoming
connections as "it's coming from the NAT/the firewall/the proxy..."
as there is no way to relay the IPv6 source address in a generic IPv4
connection - you can do that for HTTP by inserting extra headers, for
example, but that will still require IPv6 awareness on the target
application...
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
More information about the ipv6-ops
mailing list