1

Supposing I have a dedicated server at host.com with an IPv4 address 1.2.3.4, a statically assigned IPv6 address, and an ample supply of additional IPv6 addresses. This host is serving multiple KVMs at guest.com, guest0.com, guest1.com and so forth, with statically assigned IPv6 addresses. What is the most effective way to make these guests available to IPv4 only clients utilizing the IPv4 of host.com?

Note: All hosts are running Ubuntu 18.04 and various services, and availability needs to be on a named base level, not merely a single service or port/socket.

Joshp.23
  • 125
  • 6
  • 2
    This is likely heavily dependent on the OS on your host.com. Please provide this information. – Tomek Oct 24 '19 at 09:33
  • 1
    Also what do you mean by "make available"? Are they all hosting a web server, do you want to ssh to each, or can they all be hosting any number of arbitrary services? – hardillb Oct 24 '19 at 09:55
  • I edited the question to reflect. These are all Ubuntu 18.04 machines, and it is preferable to achieve a setup accommodating any number of arbitrary services. – Joshp.23 Oct 24 '19 at 10:04

1 Answers1

1

Given the requirement is for each IPv6 only machine is to host an arbitrary number of different services I think you are out of luck.

This is basically the same problem as a single public IPv4 address and a collection of servers behind it on a network with RFC1918 range. (e.g. a Home broadband type set up)

If they were all hosting a service that incapsulates the host name in the protocol (e.g. HTTP or HTTPS with SNI) then the dual homed machine could easily proxy for the them. But at a pure IP level there is no way to do this as the IPv4 only client will use DNS to resolve the address of the target, this can return 2 options:

  1. the IPv4 address of the gateway, it then opens a connection to the gateway, but now the end target information has been lost (as it's not carried in the protocol) so it doesn't know where to forward the packet to.
  2. the IPv6 address of the end target, but being IPv4 only it has no way to reach it.

The best halfway house approach I can think of is using SSH to setup client local port forwarding via the gateway (as a Bastian host) to the target machine. This would mean you would need to start a SSH connection on each client before trying to access the target server. And you would need to know what services that server offered before starting the ssh session as it would need to set up the forwarding for each service up front.

hardillb
  • 1,552
  • 2
  • 12
  • 23