Date: Sun, 26 Oct 2008 09:06:58 -0700 From: "Kevin Oberman" <oberman@es.net> To: "Eduardo Meyer" <dudu.meyer@gmail.com> Cc: freebsd-net@freebsd.org, freebsd-stable@freebsd.org Subject: Re: NAT-PT on FreeBSD (or something else)? Message-ID: <20081026160658.7ED2345048@ptavv.es.net> In-Reply-To: Your message of "Sun, 26 Oct 2008 13:18:35 -0100." <d3ea75b30810260718x52f902ddicdd15988bca786f7@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--==_Exmh_1225037218_63075P Content-Type: text/plain; charset=us-ascii Content-Disposition: inline > Date: Sun, 26 Oct 2008 13:18:35 -0100 > From: "Eduardo Meyer" <dudu.meyer@gmail.com> > Sender: owner-freebsd-net@freebsd.org > > Hello, > > I want to start a migration education to IPv6, setting up my internal > network to be 100% ipv6-only. I dont want it to be dual stacked, > because I intend to force my team to perform only IPv6 related tools > on the internal network. However, when performing internet activity > like, reading e-mail or browsing the web, its impossible to avoid IPv4 > today. > > I want them to be able to reach IPv4 network (internet) transparently. > When DNS resolve to IPv4, they will ask the gateway (ipv6, dual > stacked), who will put their v6 address in the v4 network. > > How can I accomplish that? Is NAT-PT the only way? If so, how can I > get NAT-PT on FreeBSD? > > Your opinion: do you think this approach can be used for end users? I > mean, someone with windows vista and teredo, is already getting IPv6 > address since my FreeBSD is advertising it. However they are dual > stacked. I want people to be v6-only and still can visit v4 networks > transparently, without technical knowledge (say, my girlfriend who is > not a geek). > > I guess this is a migration/education strategy, which I intend to > deploy, but right now I am only studying. > > Will faith(4) do this for me? I suspect that this is simply not quite possible today, although it's close. The BEHAVE IETF working group is the place to look for the latest information on this area. <http://www.ietf.org/html.charters/behave-charter.html>; I have tried a couple of solutions. The one that worked best was IVI, developed in China. It generally worked well and was fairly fast. It's big problem is embedded IPv4 addresses in things like JavaScript. This is a workable problem, but it has not been worked to this point. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 --==_Exmh_1225037218_63075P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) Comment: Exmh version 2.5 06/03/2002 iD8DBQFJBJWikn3rs5h7N1ERAjPQAJ96WoYYLSQ7l7OKmX02Fzhqn4z2MACfeUh8 Ibhxt6IY+c1uMVuOP7YH1DA= =6OI/ -----END PGP SIGNATURE----- --==_Exmh_1225037218_63075P--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081026160658.7ED2345048>