IPv6-only client to IPv6/IPv4 dual stack server tunnel?

I have a IPv6-only client and a IPv6/IPv4 dual-stack server. The client can connect to the server via IPv6. I want to set up a tunnel on the server so the client can access IPv4 resources through the server. The client is running OS X, and the server is running Ubuntu. How do I proceed from here?


Solution 1:

The thing to keep in mind with IPv6 and IPv4 is that they are two completely separate name-spaces, as well as protocols. The IPv6 client will have to somehow resolve that IPv4 resource as an IPv6 address. That's tricky.

However, you may be able to leverage a certain IPv6 transition technology known as NAT64. This does the v6 <-> v4 translation, though name-resolution still remains an issue. There isn't a lot in the Linux space that does this yet, though there are a few projects (one such).

Solution 2:

It may be simpler to enable or use the existing IPv6 stack on the Ubuntu server.

If your server is providing DNS services for the client, you may be able to use dnsmasq to provide the IPv6 address of the server to the client. This may be as simple as adding the IPv6 address of the server to the /etc/hosts file.

The shorewall6 package can be used to build an IPv6 firewall.

The avahi-daemon package can be uses to provide a list of services available on the server to the OS X client. For local access to the services, this may be the simplest solution. This works well if you have an IPv6 address on the server. (Most likely you do.)

To determine if you already have IPv6 address run the command ifconfig and look for lines starting inet6 addr:.

EDIT: If you want to enable the client to enable access to the web pages via the server, an IPv6 web proxy like squid3 (version 3.1) will work. (This last edit is done using squid3 over IPv6.) This can be made discoverable via avahi Your server can also provide a relay service for outgoing email.

For other services there may be proxies available, or you will need to use an IPv6 to IPv4 NAT. From what I have seen development of these providers has not been significant.

Google and some other providers are available on IPv6 so you can get limited connectivity to the Internet using IPv6. As most ISPs don't yet support IPv6 you may need to use a tunnel to connect to the Internet. I started with 6to4 tunnel and moved to a 6in4 tunnel. While I implemented my tunnel on OpenWrt, the process is much the same for Ubuntu. It is easier to implement on a server connected directly to your ISP's modem.

Solution 3:

You should use DNS64/NAT64 here. That will give your IPv6-only hosts valid DNS and IP information when attempting to connect to an IPv4-only host, and translate IPv6 packets to IPv4 ones.

As of software packages, BIND9 have DNS64. and tayga does NAT64. It is confirmed to work under Ubuntu 14.04 LTS (trusty).