|

»

Tunnel IPv6 requests to my IPv4 servers?

View: New views

5 Messages — Rating Filter: Alert me

	Tunnel IPv6 requests to my IPv4 servers? by Rudy (bulk) :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I got my first IPv6 from ARIN. I set up my router and am successfully advertising my IPv6 block. On my DNS server, I added an IPv6 IP, no problem (try pinging! ns1.monkeybrains.net). Now, I'd like to 'NAT' to some older boxes and not mess with actually putting IPv6 IPs on those boxes. Say I had a box with running IPv4 with: 69.147.83.40 How would I 'nat' or 'gif' or 'tunnel' from a NAT box without putting any IPv6 on 69.147.83.40? I want to have: 2607:f598:0:1::666 on my 'firewall' and have it tunnel to 69.147.83.40 or whatever.... I've read this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html But that seems more geared toward getting IPv6 on clients. Rudy _______________________________________________ freebsd-stable@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@..."
	Re: Tunnel IPv6 requests to my IPv4 servers? by Bugzilla from kenyon@kenyonralph.com :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On 2009-11-09T14:26:23-0800, Rudy <crapsh@...> wrote: > I got my first IPv6 from ARIN. I set up my router and am > successfully advertising my IPv6 block. On my DNS server, I added > an IPv6 IP, no problem (try pinging! ns1.monkeybrains.net). Now, > I'd like to 'NAT' to some older boxes and not mess with actually > putting IPv6 IPs on those boxes. Say I had a box with running IPv4 > with: 69.147.83.40 > How would I 'nat' or 'gif' or 'tunnel' from a NAT box without > putting any IPv6 on 69.147.83.40? > > I want to have: > 2607:f598:0:1::666 on my 'firewall' and have it tunnel to > 69.147.83.40 or whatever.... > I've read this: > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html > But that seems more geared toward getting IPv6 on clients. Are you trying to give the older boxes IPv6 connectivity or IPv4 connectivity to the Internet? If IPv6, why not just give the older boxes IPv6 addresses? Seems to me it would be a lot easier than messing with tunneling. They don't even need globally routeable IPv4 addresses. Set up rtadvd on your router, allow them to use their automatic IPv6 addresses (or set the addresses manually, doesn't matter), and that should be it. It shouldn't be that hard, since ease of setup is one of the things IPv6 is designed for. On FreeBSD, ipv6_enable="YES" is probably all you need to do. -- Kenyon Ralph signature.asc (204 bytes) Download Attachment
	Re: Tunnel IPv6 requests to my IPv4 servers? by Doug Barton :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Kenyon Ralph wrote: > On 2009-11-09T14:26:23-0800, Rudy <crapsh@...> wrote: >> I got my first IPv6 from ARIN. I set up my router and am >> successfully advertising my IPv6 block. On my DNS server, I added >> an IPv6 IP, no problem (try pinging! ns1.monkeybrains.net). Now, >> I'd like to 'NAT' to some older boxes and not mess with actually >> putting IPv6 IPs on those boxes. Say I had a box with running IPv4 >> with: 69.147.83.40 >> How would I 'nat' or 'gif' or 'tunnel' from a NAT box without >> putting any IPv6 on 69.147.83.40? >> >> I want to have: >> 2607:f598:0:1::666 on my 'firewall' and have it tunnel to >> 69.147.83.40 or whatever.... >> I've read this: >> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html >> But that seems more geared toward getting IPv6 on clients. > > Are you trying to give the older boxes IPv6 connectivity or IPv4 > connectivity to the Internet? > > If IPv6, why not just give the older boxes IPv6 addresses? Seems to me > it would be a lot easier than messing with tunneling. They don't even > need globally routeable IPv4 addresses. Set up rtadvd on your router, > allow them to use their automatic IPv6 addresses (or set the addresses > manually, doesn't matter), and that should be it. It shouldn't be that > hard, since ease of setup is one of the things IPv6 is designed for. On > FreeBSD, ipv6_enable="YES" is probably all you need to do. Without knowing what you're trying to accomplish I'd have to agree with Kenyon. One nice thing about IPv6 is that NAT is no longer needed, it would probably be better if you didn't try to subvert the protocol design. :) Doug -- Improve the effectiveness of your Internet presence with a domain name makeover! http://SupersetSolutions.com/ _______________________________________________ freebsd-stable@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@..."
	RE: Tunnel IPv6 requests to my IPv4 servers? by Scott, Brian :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message In a word, 6tunnel. It's an application level proxy that does the job well enough to get you out of trouble. Another approach would be to run netcat (nc) from inetd on the port in question. That said, I'll add my voice to the suggestion that it is very simple to get IPv6 going on pretty much anything (OK, probably a pain on windows 2000 but even there it is theoretically possible). Rather than doing NAT, you simply apply policy with your firewall rules where it should always have been. Brian -----Original Message----- From: owner-freebsd-stable@... [mailto:owner-freebsd-stable@...] On Behalf Of Rudy Sent: Tuesday, 10 November 2009 9:26 AM To: freebsd-stable@... Subject: Tunnel IPv6 requests to my IPv4 servers? I got my first IPv6 from ARIN. I set up my router and am successfully advertising my IPv6 block. On my DNS server, I added an IPv6 IP, no problem (try pinging! ns1.monkeybrains.net). Now, I'd like to 'NAT' to some older boxes and not mess with actually putting IPv6 IPs on those boxes. Say I had a box with running IPv4 with: 69.147.83.40 How would I 'nat' or 'gif' or 'tunnel' from a NAT box without putting any IPv6 on 69.147.83.40? I want to have: 2607:f598:0:1::666 on my 'firewall' and have it tunnel to 69.147.83.40 or whatever.... I've read this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.h tml But that seems more geared toward getting IPv6 on clients. Rudy _______________________________________________ freebsd-stable@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@..." ******************************************************************** This message is intended for the addressee named and may contain privileged information or confidential information or both. If you are not the intended recipient please delete it and notify the sender. ******************************************************************** _______________________________________________ freebsd-stable@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@..."
	Re: Tunnel IPv6 requests to my IPv4 servers? by Rudy (bulk) :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message > That said, I'll add my voice to the suggestion that it is very simple to > get IPv6 going on pretty much anything Hmmm... half the boxes I host, I don't have a login to, yet for some odd reason, I want to make my network 100% IPv6 accessible. I manage two /22's so, I'm sitting on a pile of IPs. First off, I'm going to get a one-to-one mapping setup for every IP -- hopefully through 6tunnel (I'll look into that, thanks for the pointer). Second, I'll migrate to multiple IPs on boxes that I have access to / boxes that support IPv6. (Example: Pre FreeBSD 7.2 box jails only support one IP) Goal: 100% IPv6 ready, whether my customers want it or not! Rudy _______________________________________________ freebsd-stable@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@..."