From owner-freebsd-questions@freebsd.org Fri May 20 15:33:54 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7B49CB43B81 for ; Fri, 20 May 2016 15:33:54 +0000 (UTC) (envelope-from mark.tinka@seacom.mu) Received: from the-host.seacom.mu (ge-1.ln-01-jnb.za.seacomnet.com [105.28.96.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1CF4E1D52 for ; Fri, 20 May 2016 15:33:53 +0000 (UTC) (envelope-from mark.tinka@seacom.mu) Received: from [127.0.0.1] (helo=Mark-Tinkas-MacBook.local) by the-host.seacom.mu with esmtp (Exim 4.82_1-5b7a7c0-XX) (envelope-from ) id O7HF8F-0002UH-01 for freebsd-questions@freebsd.org; Fri, 20 May 2016 17:33:51 +0200 Subject: Re: tinc and IPv6 routing, or: how to set up a local IPv6 To: freebsd-questions@freebsd.org References: <20160519124446.GB2444@box-fra-01.niklaas.eu> <04e2cb6c-f8c3-7d30-dd53-ca18870c4598@seacom.mu> <20160520065857.GA59066@box-fra-01.niklaas.eu> <545832b8-d7df-9858-82c4-dfe9cc4c7023@seacom.mu> <20160520072052.GB59066@box-fra-01.niklaas.eu> <259f3563-b943-b75f-5d4b-92d3d39aa0ca@seacom.mu> <20160520090118.GA26491@box-fra-01.niklaas.eu> From: Mark Tinka Message-ID: <573b2023-88f3-df1d-146f-c32ddfabf406@seacom.mu> Date: Fri, 20 May 2016 17:33:50 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.1 MIME-Version: 1.0 In-Reply-To: <20160520090118.GA26491@box-fra-01.niklaas.eu> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 May 2016 15:33:54 -0000 On 20/May/16 11:01, Niklaas Baudet von Gersdorff wrote: > OK, thanks for the advice. I haven't grasped how IPv6 works completely > yet. So, NAT66 is for prefix rewriting, right? NAT66 is the equivalent of NAT44. > Where would I need that? I'd say never. NAT66 is mostly being used by those are like NAT44. NAT44 is useful because IPv4 addresses are in short supply. IPv6 is not in short supply, so NAT66 is not that useful, but that's just my opinion.= > Simple routing (as I tried to achieve) doesn't work here? Have you tried it without the firewall? Technically, I can't see a reason why it's not working, despite it being ULA. > I just stumbled over https://wiki.freebsd.org/IPv6TODO. Would you > recommend to wait with what I am trying to achieve? I mean, the VPN wor= ks > for IPv4, so I can let the servers communicate via v4 and not v6. Does > that have any disadvantages? I mean, shouldn't we all get IPv6-ready? Don't wait. Get your IPv6 going sooner rather than later. I'd advise to use GUA's instead, but for your internal purposes, ULA's will work too. Mark.