Wonder if it’s possible to have a internal ipv4 local address range that is natted to ipv6 public address on your router…

  • orangeboats@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    I suggest doing the opposite. Give internal hosts IPv6 and use NAT64 to enable IPv4-IPv6 communication.

    You can perfectly represent whatever IPv4 address in IPv6, but you can’t even stick the most typical IPv6 address (global unicast address, 128 bits) inside IPv4.

    • TCB13@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Touché. Maybe the OP isn’t aware that IPv6 can be made as simple as IPv4 on a local network? Maybe he has IPv4 only devices?

      I believe we should simply abolish IPv4 completely. We have zero need for IPv4 and dual-stack networks are way more prone to errors and complexity.

      People usually say that IPv6 is hard and IPv6 addresses aren’t “memorable” but that’s mostly BS because with the :: aka “reduced format” they can be even simpler than IPv4 - after all fc00::1 is a valid local IPv6 address. :)

      Others might say it is dangerous without understanding how NAT isn’t necessary and how a firewall should work. Another common argument against deprecating IPv4 is that we should keep compatibility with older devices, to which I say… IPv6 support was introduced in Windows XP SP2 (2004).

      IPv6 is great, largely simply networks, make things more efficient and allows for more complex scenarios that are hard to deal with in IPv4. Multihoming, advanced load balancing, network level split DNS, direct peer-to-peer communication, totally abolishing DHCP in a usable way etc.

  • 22decembre@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    If you have external ipv6, why not having internal too ?

    You might need to keep ipv4 internal for some time because some progams only do v4. Opposite, I believe some programs will soon start ipv6-only. So you might need to have ipv6 also on the inside, no matter what.

    • Scoopta
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      My guess is because it scares people. I’ve had other people ask me about it before because they think internal IPv6 is a ridiculous concept and IPv4 just makes so much more sense and is easier to remember. I personally don’t get it but that’s my guess. Dual stack is definitely the easiest way to go tho.

      • orangeboats@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        Definitely this. Some people say “IPv6 is complicated” just because the address is longer and uses hexadecimal. They actually know nothing about IPv6, not SLAAC or DHCPv6, not address types, or anything… They just know that it’s long and apparently that’s intimidating enough.

        It’s why you actually see people advocating for their “IPv5” solution, aka IPv4-with-2-more-octets. I swear… every month there’s someone saying that.

        Sigh.

        • Scoopta
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          It is interesting how we’ve got this replacement that while slow is clearly taking off and yet people are still out there trying to re-engineer IPv4 as a replacement. Does that qualify as Stockholm syndrome?

  • bfg9k@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    1 year ago

    You can get an IPv6/IPv4 tunnel, but you can’t NAT a v4 subnet to a v6 address. They’re different stacks and wholly incompatible with each other

  • Scoopta
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I realized I hadn’t actually written a reply to this, only to other people’s replies.

    There’s a couple of problems with doing this. First and foremost is one of principals. IPv6 was designed with the explicit goal of killing off NAT, bringing it forward in this way is counter productive. That being said there’s a much bigger problem here. IPv4 addresses are 32-bits, IPv6 addresses are 4 times larger at 128-bits. There is simply no way to fit an IPv6 address in an IPv4 packet header, it’s simply too big. There are ways to do v6 internal with v4 external but that’s only possible because v4 addresses are so small and can easily be fit inside the v6 address header, what you’re trying to accomplish just isn’t possible from a technical standpoint alone. I would recommend either dual stacking your network, that is running both v4 and v6 at the same time, or if you wish to go single stack you can run pure v6 internally and use NAT64 to get access to v4 services however there are a few caveats with this setup you should be aware of if you want to go down that road.

  • unquietwikiM
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    If NAT64/DNS64 isn’t an option, setting up a small proxy server on an OpenWRT or OPNsense router might work. That assumes you have access to public IPv6; which at that point, you’re better off using said router to provide dual-stack internally.

    • Scoopta
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      This is the opposite of what OP is asking. He’s wanting internal IPv4 with external IPv6, NAT64 provides the opposite.