Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 24 Apr 2009 09:57:19 -0400
From:      Steve Bertrand <steve@ibctech.ca>
To:        Nathan Lay <nslay@comcast.net>
Cc:        freebsd-net@freebsd.org
Subject:   Re: IPv6 Ideas
Message-ID:  <49F1C53F.5040202@ibctech.ca>
In-Reply-To: <49F1128A.3080501@comcast.net>
References:  <49F1128A.3080501@comcast.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Nathan Lay wrote:
> I started playing with IPv6 on my home network with the intent to
> transition over.  While many things work quite well, IPv6 technology in
> general still seems to have some rough edges.

I disagree. I believe the "rough edges" do not belong to IPv6, the
"rough edges" are the applications that are not compatible, the network
devices that are not compatible, and the ISP's who have the mindset that
they will never need IPv6, and refuse to look at it.

> To be backward compatible with IPv4, I had a look at faith and faithd
> and while these tools are ingenius, I don't think they are good enough
> for transitioning to IPv6.  I imagine it is possible to write an
> IPv6->IPv4 NAT daemon that uses faith to capture and restructure
> IPv6/IPv4 packets.  Though, it really seems like this is the firewall's job
> 
> A pf rule like:
> 
> nat on $inet4_if inet to any from $lan_if:network6 -> ($inet4_if)
> 
> would be extremely convenient.  I'm aware pf doesn't support the token
> :network6 ... its just a wishful example.  The IPv6 mapped IPv4
> addresses would be the standard ::ffff:0:0/96 prefix.  I imagine that
> this is very difficult to implement but I don't see why it wouldn't be
> possible.  If a firewall supported this kind of NAT, a home network
> could easily deploy IPv6 and be backward compatible.  Well, not quite, I
> guess BIND would have to serve IPv6 mapped IPv4 addresses to IPv6 queries.

My hope is that I never have to deal with anything where IPv6 and NAT
are in the same sentence :)

> Comments?

- ask your ISP about their IPv6 deployment plans, and how soon they can
provide it to you
- get a tunnel set up to a tunnel broker (sixxs.net, he.net etc)
- ask your ISP how soon they can provide it to you
- play, play play

> Other than that, this has been one hell of a fun experience.

A tad bit different, huh ;)

Steve



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49F1C53F.5040202>