...
HAProxy is able to do the IPv6 to IPv4 proxying (another solution is Socat or iptables module tproxy). With simple configuration lines it is possible to proxy connections between the two protocols.
...
Code Block |
---|
listen webserver1 bind 2001:db8:abc:123::cafe:80 mode http option forwardfor server webserver1 192.0.2.1:80 listen webserver1-ssl-passthrough bind 2001:db8:abc:123::cafe:443 mode tcp server webserver1 192.0.2.1:443 |
Another possible implementation is using NAT64 with for example Tayga (most common stateless NAT64 daemon, http://www.litech.org/tayga/). Downside is the extra process needed on the VPC Router.
Configuration is relative simple and straightforward in taiga.conf.
Code Block |
---|
tun-device nat64
ipv4-addr 192.168.255.1
prefix fd9f:590a:b158:ffff:ffff:ffff::/96
dynamic-pool 192.168.255.0/24
data-dir /var/spool/tayga |
DNS64
Configuring DNS64 can be done with for example Bind by telling that it has to return a special AAAA-record if a client from a specific range requests the IP address of a hostname that has no AAAA record. This AAAA-record is constructed by Bind, using a prefix. When a client tries to connect to an IP starting with the prefix, it will be forwarded (through routing) to the NAT64 setup.
Code Block |
---|
dns64 2001:67c:2834:ff99::/96 {
clients { any; };
mapped { any; };
suffix ::;
recursive-only yes;
};
|
Both NAT64 and DNS64 needs more investigation.
...