NAT 6to4 to a remote system to provide IPv4 connectivity to IPv6 only systems

Hey all,

I've got a handful of VPSes that only have IPv6 access (absolutely zero IPv4 access) and wanted to utilize another server I own that has dual stack connectivity to forward ports to the IPv6 only VPS. Was wondering if anyone has attempted a setup like this before in the past and how you got it to work as you wanted.

Thanks!

Cheap dedis are my drug, and I'm too far gone to turn back.

Comments

  • I would build a zerotier network, connect all VPSs to that network, assign ipv4 addresses to the zerotier interface and set the dualstack VPS as the gateway.

    Thanked by (1)CamoYoshi

    The all seeing eye sees everything...

  • @terrorgen said:
    I would build a zerotier network, connect all VPSs to that network, assign ipv4 addresses to the zerotier interface and set the dualstack VPS as the gateway.

    Was leaning toward that doing some of my own research but just wanted to see what others had come up with, mostly out of curiosity/experiences... I'll give that a whirl :)

    Cheap dedis are my drug, and I'm too far gone to turn back.

  • @CamoYoshi said:
    Hey all,

    I've got a handful of VPSes that only have IPv6 access (absolutely zero IPv4 access) and wanted to utilize another server I own that has dual stack connectivity to forward ports to the IPv6 only VPS. Was wondering if anyone has attempted a setup like this before in the past and how you got it to work as you wanted.

    Thanks!

    Setup wireguard. Works for me from a dual stack to ipv6.

    Will check zerotier too... @terrorgen

  • rm_rm_
    edited October 2020

    6to4 is a very specific thing: https://en.wikipedia.org/wiki/6to4, and is not applicable here.
    It's not correct to use the term for anything converting v6 to v4 or vice versa.

    What could work is NAT64, set up a "public" NAT64 server using global IPs, then make the other hosts use its DNS64 as their nameservers. And then instead of actually leaving it public, whitelist your specific VPS IPs in firewall and block the rest, so the entire world can't route through it.

    Or of course, any VPN solution where your v6-only nodes would connect to dual-stack ones and route the v4 traffic through those.

  • edited October 2020

    If all you need is inbound port forwarding (no need for IPv6-only boxes to access IPv4 network), you may not need NAT.

    Consider socat or possibly iptables.

Sign In or Register to comment.

This Site is currently in maintenance mode.
Please check back here later.

→ Site Settings