How do I setup a IPv4 Proxy that I connect to over IPv6?
Linode
Linode Staff
I am behind a firewall that only permits IPv6 connectivity to the internet. I would like to tunnel my IPv4 traffic through IPv6 using IPSEC. For simplicity, let's assume my home computer and remote computer are running Debian 9.
Addresses for use in example:
Home IPv6 Address is 2001:db8:1::2/64 (Public)
Home IPv4 Address is 10.0.0.2/24 (Private)
Remote IPv6 Address is 2001:db8:ff::4/64 (Public)
Remote IPv4 Address is 192.0.2.4/24 (Public)
1 Reply
hphillips
Linode Staff
OpenVPN does not currently support dual stack operation, so we will want to setup up a 4in6 tunnel through which we will send encrypted IPv4 OpenVPN traffic.
To create the 4in6 tunnel we will need to extend our local Private IP range to allow an additional subnet for the remote server, let us use 10.0.1.0/24 in this example.
Some of these steps will temporarily disable networking on your Linode, you will want to start by using the LISH console on your Linode:
This answer is a work in progress, I provide a general outline below which I will fill in as I work through the details. I provide this unfinished outline as a roadmap in case you would like to work ahead. Thank you for your patience.
Tunnel Setup
See: http://tldp.org/HOWTO/html_single/Linux+IPv6-HOWTO/#chapter-configuring-ipv4-in-ipv6-tunnels
Home (Local)
/sbin/ip -6 tunnel add ip6tnl1 mode ip4ip6 remote 2001:db8:ff::4 local 2001:db8:1::2
/sbin/ip link set dev ip6tnl1 up
/sbin/ip -6 route add 10.0.1.0/24 dev ip6tnl1 metric 1
Remote
/sbin/ip -6 tunnel add ip6tnl1 mode ip4ip6 remote 2001:db8:1::2 local 2001:db8:ff::4
/sbin/ip link set dev ip6tnl1 up
/sbin/ip -6 route add 10.0.0.0/24 dev ip6tnl1 metric 1
OpenVPN Setup
See: https://www.linode.com/docs/networking/vpn/set-up-a-hardened-openvpn-server/
Home (Local)
To be continued..
Remote Setup
On the Linode you will want to run:
$ sudo apt update && sudo apt upgrade
$ sudo apt install openvpn