CLAT for IPv4 access through DNS64 on IPv6 only servers!

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1]   Go Down

Author Topic: CLAT for IPv4 access through DNS64 on IPv6 only servers!  (Read 12877 times)

0 Members and 1 Guest are viewing this topic.

jaminmc

  • Newbie
  • *
  • Offline Offline
  • Posts: 2
CLAT for IPv4 access through DNS64 on IPv6 only servers!
« on: August 08, 2023, 11:25:15 PM »

I wish that the IPv6 servers would provide a private IPv4 address that would route outgoing IPv4 traffic. But I found a solution that uses the free DNS64.org servers, not only for DNS, but free IPv4 routing.

This does enable IPv6 forwarding for outgoing IPv4 to IPv6 proxy, as my server only got 1 IPv6 address.

So you have a IPv6 only server, and IPv4 only sites won't load, or even worse, you have a program that uses hardcoded IPv4 address in it, and it won't work just using a DNS64 dns server. The following will setup CLAT on your server that will translate IPv4 address to the IPv6 prefix that is detects for the DNS64 IPv6 range.

This was done on Debian 12, but should also work for Ubuntu. After logging in to your server:

Prep for getting system working
Code: [Select]
apt update
echo "dns-nameserver 2a01:4f8:c2c:123f::1" >> /etc/network/interfaces
echo "dns-nameserver 2a00:1098:2c::1" >> /etc/network/interfaces
apt install resolvconf git build-essential tayga curl
reboot

After rebooting, we will install CLAT
Code: [Select]
mkdir ~/src
cd ~/src
git clone https://github.com/toreanderson/clatd
make -C clatd install installdeps

This configures CLAT
Code: [Select]
cat <<'EOF' > /etc/clatd.conf
clat-v6-addr=fd00::c1a7
proxynd-enable=false
script-up=nft "add table ip6 clatd" ; nft "add chain ip6 clatd POSTROUTING { type nat hook postrouting priority srcnat; }" ; nft "add rule ip6 clatd POSTROUTING masquerade"
script-down=nft 'delete table ip6 clatd'
EOF
echo "net.ipv6.conf.all.forwarding = 1" >> /etc/sysctl.d/00-ip6fwd.conf
sysctl -p
systemctl restart clatd

Now to test if it works, just run
Code: [Select]
curl 1.1.1.1. You should then see:
Code: [Select]
root@srv[Redacted]:~/src# curl 1.1.1.1
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cloudflare</center>
</body>
</html>

This uses the DNS from nat64.net. and their servers seem to block pings. So that is why I use `curl 1.1.1.1`.



« Last Edit: December 04, 2024, 01:23:32 AM by jaminmc »
Logged


Forum-Support2

  • Administrator
  • Sr. Member
  • *****
  • Offline Offline
  • Posts: 272
Re: CLAT for IPv4 access through DNS64 on IPv6 only servers!
« Reply #1 on: August 09, 2023, 08:52:12 AM »

Hello,

to use IPv4 you need to use an IPv4 address. Other types of services to use IPv4 are not official supported.
Logged

melaniewalker

  • Guest
Re: CLAT for IPv4 access through DNS64 on IPv6 only servers!
« Reply #2 on: August 16, 2023, 03:59:46 AM »

You need to use an IPv4 address.
Logged

jaminmc

  • Newbie
  • *
  • Offline Offline
  • Posts: 2
Re: CLAT for IPv4 access through DNS64 on IPv6 only servers!
« Reply #3 on: December 04, 2024, 01:26:33 AM »

It has been over a year, and this still works... I am suprised that nobody has pointed out that there was a typo in the `systemctl restart clatd` command. I fixed it :)

I'm glad I posted the post, as I just created a new server, and I didn't have to figure it out again from scratch. :)

VS2-free works just fine with this :)
« Last Edit: December 04, 2024, 01:38:21 AM by jaminmc »
Logged
Pages: [1]   Go Up
 

Page created in 0.062 seconds with 21 queries.