NATing IPv4 while routing IPv6

Solution 1:

you can achieve that with proxy ARP, if I was trying to pseudo bridge ipv4 I would do this:

echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp
echo 1 > /proc/sys/net/ipv4/ip_forward

You need to setup both your NICs with the EXACT same information (ip_address, netmask and gateway), not sure if DD-WRT will allow that, for sure it won't on the web ui but it might allow you to do this from the console, then recheck your gateway, make sure you only have gateway pointed to the interface that goes to the ISP, something like this:

ip route del default dev eth0
ip route del default dev eth1

ip route del $LAN_NETWORK dev eth0
ip route del $LAN_NETWORK dev eth1
ip route add $DEFAULT_GATEWAY dev eth0
ip route add $LAN_NETWORK dev eth1

ip route add default via $DEFAULT_GATEWAY dev eth0

This is for an IPv4 Pseudo Bridge using Proxy-ARP, I guess you can do the same using IPv6.

On the other hand and as I said on the other question, you can still NAT IPv4 even if it's bridged in layer 2.

You would need to setup both your IPv4 public address and IPv4 lan address on the BR0 interface, and then NAT them as I told you before

iptables -t nat -A POSTROUTING -j SNAT -s $LAN_NETWORK --to-source $WAN_IP_ADDRESS

That would solve both your problems without the hassle of proxy arp. Problem is most of this stuff won't work from DD-WRT's interface.

As a better and cleaner alternative you might add a subinterface on the bridge to the LAN side, something like

ifconfig br0:1 192.168.1.1 netmask 255.255.255.0

And use the same NAT line I said above

Solution 2:

Are you trying to NAT your ipv6 connections? If so, what is the motivation for the IPv6 NAT? You do have /48 block, which is more than enough.

If your router is IPv6 capable, then it's only the matter of setting up the right IPv6 routes. The IPv6 routing is separate from IPv4, so there should be no conflict to what you already have on IPv4.