Project

General

Profile

Task #7523

TCP/UDP Services supported by IP4-to-IP6 incoming proxy and NAT64 outgoing gateway

Added by Moris Jones over 1 year ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
Target version:
-
Start date:
12/21/2019
Due date:
% Done:

10%

Estimated time:
PM Check date:

Description

List of services, as well as the following parameters:

Currently supported { officially unofficially partially unsupported }
" " TLS
Theoretically possible { yes partly no }
" " TLS

<style>
td.V {font-weight: bold; background-color: green;}
td._ {font-style: underline; background-color: yellow;}
td.X {font-style: strikethru; background-color: red;}
</style>

<h3>IPv4-to-IPv6 incoming gateway</h3>

Note that in the majority of cases services require configuring with cdist in order to work.

<table>
<tr>
<th>Name</th><th>Port / Transfer Protocol</th><th>TLS port</th><th cellspan="2">Currently supported (plaintext/TLS)</th><th cellspan="2">Theoretically possible (plain/TLS)</th><th>Comments</th>
</tr>
<tr>
<th>HTTP</th>
<td style="V">80 tcp</td><td style="V">443 tcp</td>
</tr>
<tr>
<th>DNS</th>
<td style="X">53 tcp</td><td style="X">953 tcp</td>
<td>?</td><td>?</td>
<td>Requires a semi-recursive DNS server on the gateway which resolves via the AAAA record of the domain's name servers</td>
</tr>
<tr>
<th>IMAP</th>
<td style="X">143 tcp</td><td style="V">993 tcp (unofficial)</td>
<td>No</td>
</tr>
<tr>
<th>SMTP</th>
<td style="X">25</td><td style="X">465</td>
<td>Probably</td><td>Probably</td>
<td>Requires a relay mail server on the gateway configured with all domains of IPv6 machines via cdist</td>
</tr>
<tr>
<th>Others - please add</th>
</tr>
</table>

History

#1

Updated by Moris Jones over 1 year ago

  • Subject changed from TCP/UDP Services supported by IP4-to-IP6 incoming gateway and NAT64 outgoing gateway to TCP/UDP Services supported by IP4-to-IP6 incoming proxy and NAT64 outgoing gateway
#2

Updated by Nico Schottelius over 1 year ago

IPv6 only DNS

  • Needs helper/proxy/delegated
  • Setup
    • Domain IN NS <nameserver>
    • nameserver IN AAAA <IPv6 address of the real host>
    • nameserver IN A <IPv4 addres of a "proxy")>
  • How the proxy could function
    • recursive: will usually not set the authorative flag
    • standard secondary: IXFR/AXFR based -> this could easily be implemented

Also available in: Atom PDF