IPv6-only network--is NAT64+DNS64 really this easy now?

Evilham contact at evilham.com
Wed Jun 26 08:40:09 UTC 2019

Hi there,

On dt., juny 25 2019, ultima at ultimasbox.com wrote:

> Hello Mel,
>  While it may be possible to have an IPv6 only environment, I 
>  don't
> think it is really viable. There are simply too many things that 
> don't run
> on or have very limited support for IPv6 that it makes it very 
> hard
> to drop IPv4 altogether and until something comes along forcing 
> the
> move it likely won't happen for at least another decade at the 
> minimum.
> Best regards,
> Richard Gallamore
> On Mon, Jun 24, 2019 at 6:50 PM Mel Pilgrim 
> <list_freebsd at bluerosetech.com>
> wrote:
>> I'm looking to set up a pure-IPv6 environment to test the 
>> viability of
>> it.  I tried this a few years ago and fell flat on my face due 
>> to the
>> lack of NAT64 and DNS64 support.
>> Reading through docs now, it looks like unbound has a DNS64 
>> module, and
>> NAT64 is baked into ipfw.  Waving a hand at bug-hunting and 
>> lamentations
>> over the inertia of embedded systems designers, has it really 
>> become
>> this easy to turn up an IPv6-only site?

At risk of sounding like an advertiser, let me point to: 
As an example of it really being viable nowadays.

Basically, as other have mentioned, there are a few caveats, but 
most of them are easily solved.
Software with hard-coded legacy IP addresses is not that common 
now, but an issue that I have seen often are fields (settings, 
input, ...) that won't accept IPv6 addresses as valid, but will 
accept a domain name as valid:
quite often in these cases, pointing to a domain name that echoes 
back the IP over DNS (e.g. for IPv4) is enough, in 
that if needed DNS64 will add the AAAA records pointing to the 
NAT64 and the piece of software that refused the IPv6 on 
settings/input, just transparently uses that.

Basically, if you are unsure weather things can work out: they 
can, it's not painful and more often than not, even if you forget 
to do DNS64, you only notice that something is different when 
using the all-time Big Offenders (Twitter, GitHub, ...).

More information about the freebsd-questions mailing list