Hi misc@,
I have a bit of an unusual desire.
I have one main router with IPv4 and IPv6.
There are "routers" beneath it with only IPv6.
Under those routers are servers, some of which I want to have IPv4
connectivity.
I want them to be directly assigned a real WAN address -- no NATing of
any type. I want the IPv4 connectivity to be established via a tunnel.
So the server will have its "physical" interface with only IPv6, and a
"wg1" interface with IPv4 that connects to 0.0.0.0/0.
What comes to mind is a gif tunnel, but there is a problem. A gif tunnel
is point to point, so if I have a /28, I can only give IPv4 to one
server. I'd prefer not to break up the /28 and waste a bunch of IPs in
the process, turning it into several /30s.
What seems to work, but is wasteful, is Wireguard. Wireguard lets me box
in the IPs nicely, so my servers can't spoof another server. It lets me
work with multiple connections easily.
Perhaps it's possible to do multiple gif (or hundreds of gif?) with
rdomain? I haven't used rdomain and I'm a little leery of opening some
Pandora's Box.
Maybe there's another option?
Thank you!
-Henrich
PS: Does anyone know if anything has come of this ARP Proxy patch? I ran
into this issue today.
https://marc.info/?l=openbsd-tech&m=159684898502125&w=2
No comments:
Post a Comment