# how to masquerade ipv4 to ipv6..

## dashang

is it possible to masquerade  ipv4 to ipv6...??

means my server have ipv4  and i want to masquerade  my ipv4 to ipv6 ... means other server get my ip as ipv6...

please tell me the solution....

----------

## b0nafide

I've had lots of fun with the hurricane electric IPV6 certification, I got all the way up to "professional" level certification and I'm sure I'll finish the rest in due time. I would recommend it to anybody trying to understand ipv6: http://www.he.net/

You'll probably want 6to4 or 6in4 to tunnel ipv6 ... until your ISP provides ipv6. 

Good luck

----------

## dashang

thank you sir for replaying.....  my question is 4to6 tunnel is possible????

in my server   ipaddress  is  ipv4  ...and destination server  ip address is ipv6...

i want to do tunnel 4 to 6 ...destination server got my ip address  as ipv6....

for that masquerade  is possible 4 to 6 ????

----------

## opotonil

You can't use masquerade for this, you need a ipv6 tunnel provider.

See: http://www.gentoo.org/doc/en/ipv6.xml

----------

## dashang

in my server all things(iptables chains,network etc...) are in ipv4 ...now if i want to display my server as a ipv6...

so which step i have to take....?????

i have change in my kernel and recompile

install ip6tables

now what about all chain????

in my chain i m using masquerader  for convert my ip in Public ip....now how can i change this to ipv6.????

because their is no nat table in ip6tables....

please guide me proper solution......

----------

## b0nafide

 *dashang wrote:*   

> 
> 
> please guide me proper solution......

 

Why masquerade when you've got 18,446,744,073,709,551,616 ips in your ipv6 /64 block?

----------

## NeddySeagoon

dashang,

Lets start with a clear statement of the problem without any assumptions as to what the solution might be.

If your ISP only provides IPv6 and you want to use IPv6 on the internet, you need to use a tunnel broker that will accept an IPv6 connection from you, tunneled over IPv4.  IPv4 is the only way out of your network.

If you want to use IPv6 around your own LAN, read the rules on choosing IPv6 addresses for use on your LAN. There are ranges for allocated for this in IPv6, just as there are in IPv4

----------

## Claer

 *dashang wrote:*   

> thank you sir for replaying.....  my question is 4to6 tunnel is possible????
> 
> in my server   ipaddress  is  ipv4  ...and destination server  ip address is ipv6...
> 
> i want to do tunnel 4 to 6 ...destination server got my ip address  as ipv6....
> ...

 

If you want to translate between protocols, you'll have to proxy.

Insert a dual stack proxy that listen on IPv6 and transmit the request to the IPv4 server in IPv4.

----------

## dashang

I have try with NAT-PT concept.... but its not work........please suggest me more how to do proxy......

i m trying with  http://tomicki.net   naptd-0.4.2.tar.gz....

i have install naptd....now for configuration.....

```
[root@manage newroot]# usr/sbin/naptd-confmaker 

Ataga IPv4/IPv6 NAPT Configuration Maker

(c) 2005 by Lukasz Tomicki <tomicki@o2.pl>

Do you want to create a new configuration? [Y/n]

Do you want IPv4 addresses from the outside interfaces to be automatically used as part of the NAT pool? [Y/n]

Do you want to configure additional address as part of your NAT pool? [y/N]

Do you want to create a pool of public IPv4 addresses that will allow incoming connections to be dynamically mapped to appropriate IPv6 addresses? [y/N]

Do you want to create static mappings of public IPv4 addresses that will allow incoming connections to reach IPv6 hosts? [y/N]

Enter the name of the first inside (IPv6) interface that you want NAT-PT to listen on.

interface (eth0 eth1 eth2 eth3 eth4 eth5 eth6 eth7 eth8 eth9 eth10 eth11): eth7

Do you want to enter more interfaces? [y/N]

n

Enter the name of the first outside (IPv4) interface that you want NAT-PT to listen on.

interface (eth0 eth1 eth2 eth3 eth4 eth5 eth6 eth7 eth8 eth9 eth10 eth11): eth5

Do you want to enter more interfaces? [y/N]

n

Enter the TCP translation timeout in seconds [86400]: 

Enter the UDP translation timeout in seconds [3600]: 

Enter the ICMP translation timeout in seconds [30]: 

Enter the IPv6 prefix that will be used as the destination for translations.

prefix [2000:ffff::]: 

Please enter the IPv4 address of the DNS server you are currently using.

IPv4 DNS server: 10.104.1.1

You can configure hosts for automatic DNS translation by using the DNS server below.

IPv6 DNS Server: 2000:ffff::a68:101

Thank you for choosing Ataga as you IPv4/IPv6 NAT-PT solution.

Setup is now complete. Type 'naptd' to start NAT-PT.

```

Now hows its done.......

My eth5 ipv6 is  2000:470:1f01:115::4/64

eth7  which is ipv4  is 10.10.7.1......... and connected pc with this ip PC-1 ---> 10.10.7.2

Now as per the concept if i ping from  PC-1 to any other machin...so in that machin it should be dispaly IPV6 in tcpdump...But NATING is not working perfectly.....

please suggest me how to done NATING in IPV6 case....

sorry for english..

----------

## Claer

From what I understood, you configured natpt the wrong way.

Let me rephrase your statements and tell me if its the way you intend to do things :

 - You have only IPv6 connectivity to the Internet.

 - Your network (or one DMZ) is IPv4 only.

 - You want the world to connect to your IPv4 server using IPv6

NAT-PT assumes you have IPv4 Internet connectivity and your internal network is v6. Is it what you want?

Proxification of services will work for certain protocols not all.

For example, http could be proxified, ping couldn't (I knew ONE firewall that proxified ping, you don't want it ;))

Let's continue with http example. To give http acces on the v4 host to IPv6 Internet, you'll install a proxy like squid 

on a dualstack v4/v6 server (you are not obliged to install it on your firewall) 

Then you order the v4 server to use this proxy to surf.

For incoming connections, you install a reverse proxy for the specified domain also on a dual stack server.

Then, you asl your clients to use the IPv6 reverse proxy to connect to the v4 server

----------

## dashang

claer write that....

 *Quote:*   

> NAT-PT assumes you have IPv4 Internet connectivity and your internal network is v6. Is it what you want? 
> 
> 

 

my internal network have ipv4 connectivity and reach to internet node is ipv6....

----------

## Claer

So you need to not use the default wizzard and read carefully the documentation with NAT-PT in order to achieve what you want ;-)

----------

