Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
how to masquerade ipv4 to ipv6..
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
dashang
n00b
n00b


Joined: 22 Jul 2011
Posts: 40

PostPosted: Fri Aug 26, 2011 3:13 pm    Post subject: how to masquerade ipv4 to ipv6.. Reply with quote

is it possible to masquerade ipv4 to ipv6...??

means my server have ipv4 and i want to masquerade my ipv4 to ipv6 ... means other server get my ip as ipv6...

please tell me the solution....
Back to top
View user's profile Send private message
b0nafide
Apprentice
Apprentice


Joined: 17 Feb 2008
Posts: 171
Location: ~/

PostPosted: Fri Aug 26, 2011 4:05 pm    Post subject: Reply with quote

I've had lots of fun with the hurricane electric IPV6 certification, I got all the way up to "professional" level certification and I'm sure I'll finish the rest in due time. I would recommend it to anybody trying to understand ipv6: http://www.he.net/

You'll probably want 6to4 or 6in4 to tunnel ipv6 ... until your ISP provides ipv6.

Good luck
Back to top
View user's profile Send private message
dashang
n00b
n00b


Joined: 22 Jul 2011
Posts: 40

PostPosted: Sat Aug 27, 2011 5:20 am    Post subject: Reply with quote

thank you sir for replaying..... my question is 4to6 tunnel is possible????

in my server ipaddress is ipv4 ...and destination server ip address is ipv6...
i want to do tunnel 4 to 6 ...destination server got my ip address as ipv6....
for that masquerade is possible 4 to 6 ????
Back to top
View user's profile Send private message
opotonil
l33t
l33t


Joined: 17 Jun 2005
Posts: 801
Location: 127.0.0.1

PostPosted: Sat Aug 27, 2011 11:09 am    Post subject: Reply with quote

You can't use masquerade for this, you need a ipv6 tunnel provider.

See: http://www.gentoo.org/doc/en/ipv6.xml
Back to top
View user's profile Send private message
dashang
n00b
n00b


Joined: 22 Jul 2011
Posts: 40

PostPosted: Sat Aug 27, 2011 12:33 pm    Post subject: Reply with quote

in my server all things(iptables chains,network etc...) are in ipv4 ...now if i want to display my server as a ipv6...
so which step i have to take....?????
i have change in my kernel and recompile
install ip6tables
now what about all chain????
in my chain i m using masquerader for convert my ip in Public ip....now how can i change this to ipv6.????
because their is no nat table in ip6tables....


please guide me proper solution......
Back to top
View user's profile Send private message
b0nafide
Apprentice
Apprentice


Joined: 17 Feb 2008
Posts: 171
Location: ~/

PostPosted: Sat Aug 27, 2011 6:40 pm    Post subject: Reply with quote

dashang wrote:

please guide me proper solution......


Why masquerade when you've got 18,446,744,073,709,551,616 ips in your ipv6 /64 block?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 46381
Location: 56N 3W

PostPosted: Sat Aug 27, 2011 6:58 pm    Post subject: Reply with quote

dashang,

Lets start with a clear statement of the problem without any assumptions as to what the solution might be.

If your ISP only provides IPv6 and you want to use IPv6 on the internet, you need to use a tunnel broker that will accept an IPv6 connection from you, tunneled over IPv4. IPv4 is the only way out of your network.

If you want to use IPv6 around your own LAN, read the rules on choosing IPv6 addresses for use on your LAN. There are ranges for allocated for this in IPv6, just as there are in IPv4
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Claer
n00b
n00b


Joined: 11 Feb 2003
Posts: 22

PostPosted: Wed Aug 31, 2011 3:03 pm    Post subject: Reply with quote

dashang wrote:
thank you sir for replaying..... my question is 4to6 tunnel is possible????

in my server ipaddress is ipv4 ...and destination server ip address is ipv6...
i want to do tunnel 4 to 6 ...destination server got my ip address as ipv6....
for that masquerade is possible 4 to 6 ????


If you want to translate between protocols, you'll have to proxy.

Insert a dual stack proxy that listen on IPv6 and transmit the request to the IPv4 server in IPv4.
_________________
May the BLU be with you
Back to top
View user's profile Send private message
dashang
n00b
n00b


Joined: 22 Jul 2011
Posts: 40

PostPosted: Thu Sep 01, 2011 5:11 am    Post subject: Reply with quote

I have try with NAT-PT concept.... but its not work........please suggest me more how to do proxy......

i m trying with http://tomicki.net naptd-0.4.2.tar.gz....
i have install naptd....now for configuration.....

Code:
[root@manage newroot]# usr/sbin/naptd-confmaker
Ataga IPv4/IPv6 NAPT Configuration Maker
(c) 2005 by Lukasz Tomicki <tomicki@o2.pl>

Do you want to create a new configuration? [Y/n]

Do you want IPv4 addresses from the outside interfaces to be automatically used as part of the NAT pool? [Y/n]

Do you want to configure additional address as part of your NAT pool? [y/N]

Do you want to create a pool of public IPv4 addresses that will allow incoming connections to be dynamically mapped to appropriate IPv6 addresses? [y/N]

Do you want to create static mappings of public IPv4 addresses that will allow incoming connections to reach IPv6 hosts? [y/N]

Enter the name of the first inside (IPv6) interface that you want NAT-PT to listen on.
interface (eth0 eth1 eth2 eth3 eth4 eth5 eth6 eth7 eth8 eth9 eth10 eth11): eth7

Do you want to enter more interfaces? [y/N]
n
Enter the name of the first outside (IPv4) interface that you want NAT-PT to listen on.
interface (eth0 eth1 eth2 eth3 eth4 eth5 eth6 eth7 eth8 eth9 eth10 eth11): eth5

Do you want to enter more interfaces? [y/N]
n
Enter the TCP translation timeout in seconds [86400]:
Enter the UDP translation timeout in seconds [3600]:
Enter the ICMP translation timeout in seconds [30]:

Enter the IPv6 prefix that will be used as the destination for translations.
prefix [2000:ffff::]:

Please enter the IPv4 address of the DNS server you are currently using.
IPv4 DNS server: 10.104.1.1

You can configure hosts for automatic DNS translation by using the DNS server below.
IPv6 DNS Server: 2000:ffff::a68:101

Thank you for choosing Ataga as you IPv4/IPv6 NAT-PT solution.
Setup is now complete. Type 'naptd' to start NAT-PT.



Now hows its done.......

My eth5 ipv6 is 2000:470:1f01:115::4/64

eth7 which is ipv4 is 10.10.7.1......... and connected pc with this ip PC-1 ---> 10.10.7.2



Now as per the concept if i ping from PC-1 to any other machin...so in that machin it should be dispaly IPV6 in tcpdump...But NATING is not working perfectly.....
please suggest me how to done NATING in IPV6 case....





sorry for english..
Back to top
View user's profile Send private message
Claer
n00b
n00b


Joined: 11 Feb 2003
Posts: 22

PostPosted: Thu Sep 01, 2011 8:25 am    Post subject: Reply with quote

From what I understood, you configured natpt the wrong way.

Let me rephrase your statements and tell me if its the way you intend to do things :

- You have only IPv6 connectivity to the Internet.
- Your network (or one DMZ) is IPv4 only.
- You want the world to connect to your IPv4 server using IPv6

NAT-PT assumes you have IPv4 Internet connectivity and your internal network is v6. Is it what you want?

Proxification of services will work for certain protocols not all.
For example, http could be proxified, ping couldn't (I knew ONE firewall that proxified ping, you don't want it ;))

Let's continue with http example. To give http acces on the v4 host to IPv6 Internet, you'll install a proxy like squid
on a dualstack v4/v6 server (you are not obliged to install it on your firewall)
Then you order the v4 server to use this proxy to surf.

For incoming connections, you install a reverse proxy for the specified domain also on a dual stack server.
Then, you asl your clients to use the IPv6 reverse proxy to connect to the v4 server
_________________
May the BLU be with you
Back to top
View user's profile Send private message
dashang
n00b
n00b


Joined: 22 Jul 2011
Posts: 40

PostPosted: Fri Sep 02, 2011 5:46 am    Post subject: Reply with quote

claer write that....
Quote:
NAT-PT assumes you have IPv4 Internet connectivity and your internal network is v6. Is it what you want?


my internal network have ipv4 connectivity and reach to internet node is ipv6....
Back to top
View user's profile Send private message
Claer
n00b
n00b


Joined: 11 Feb 2003
Posts: 22

PostPosted: Fri Sep 02, 2011 1:42 pm    Post subject: Reply with quote

So you need to not use the default wizzard and read carefully the documentation with NAT-PT in order to achieve what you want ;-)
_________________
May the BLU be with you
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum