Route IPv4 to IPv6 as a mechanism to overcome not owning an IPv4 block for load balancing purposes on on-premise k8s (non-AWS/GCP)
When running services on well-known ports, the server part of the IP tuple is mostly constant, such as the ever popular HTTPS over 443/tcp. A layer 4 load balancer would need an IP address per service, which is not practical with IPv4 exhaustion.
Name-based virtual hosts to the rescue. Probably HTTP Host headers or SNI.
No, SNAT is not required.
Proxy-based load balancers should be able to terminate an IP connection and make a new one, possibly with a different address family. For example, both a.example.net and b.example.net have A records of the load balancer at 203.0.113.69. Virtual host A's backend could be 2001:db8:26:74::a while B's is 2001:db8:26:83::b. If all traffic goes through the load balancer, the backends do not need IPv4 addresses.
Or, getting v4 and v6 to talk to each other can be done at layer 4 without an application proxy or a stateful firewall. SIIT is a stateless way of doing such translation. However, this doesn't solve the problem of needing many v4 addresses for many services; your one IPv4 gets mapped to one IPv6 on the backend. So likely this does not replace application layer virtual hosts. Still useful if you want to go v6 only in the data center and provide v4 only where needed.
None of this proxying or translation is actually routing. IPv4 and IPv6 are different protocols; they cannot be forwarded unmodified.
Really bridging the gap would be v6 end to end. Not there yet for much of the internet.