this post was submitted on 19 Jun 2024
313 points (85.5% liked)

Programmer Humor

19585 readers
1027 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS
 

Today in our newest take on "older technology is better": why NAT rules!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 5 months ago

If there is a ipv6 service online. That you want to reach from a v4 only client. You can set up a fixed 1:1 nat on your firewall where you define a fake internal ipv4 address -> destination NAT onto the public ipv6 address of the service. And SRC NAT64 embed your clients internal v4 into the source ipv6 for the return traffic. And provide a internal dns view A record pointing to the fake internal ip record. It would work, but does not scale very well. Since you would have to set this up for every ipv6 ip.

A better solution would be to use a dualstack SOCKS5 proxy with dns forwarding where the client would use the IPv6 of the proxy for the connection. But that does not use NAT tho.

The best solution is to deploy IPv6 ofcourse. ;)