OpenVPN as IPv4 to IPv6 gateway: how to create your own 4to6 tunnel with a “personal” IPv6
I have a VPS in Amsterdam that has a /64 network of IPv6 addresses assigned to it, with unmetered internet access enabled, plus an IPv4 also unmetered..
I'm now wandering if it is possible to not only create a "simple" IPv4 "normal" VPN server, but also a 4to6 gateway, meaning that everyone that connects to my VPN server, will access the internet in IPv6 instead and have just the VPN tunnel in IPv4 mode;
Also meaning that every one of my devices that connects to the VPN will have a single, unique IPv6 address assigned and this would be for example to be able to access my home machine via IPv6 accessing the VPS of the VPN server firstly and then being re-routed over the IPv4 VPN tunnel to access the real machine "behind" that IPv6, all software based with the VPN.
It would be great to have auto assignment of IPv6 addresses the first time a certain device connects and to save that IPv6 in a config file to that and that device only for the aforementioned reasons; but I don't mind creating a config file myself and adding all the devices manually...
Is it possible / is there some online guides (digitalocean or something like that) that I can follow step by step to install the VPN server software in my VPS, enable all the certificates, find a way to differentiate every single device that connects in not by IP but something else (I don't even mind creating 7 certificates, one for each device that will use the VPN), and configuring the config file for the 6to4 tunnel?
networking vpn openvpn ipv6
asked Jan 8 at 18:22
BJPGameVideosITABJPGameVideosITA
13
add a comment |
I have a VPS in Amsterdam that has a /64 network of IPv6 addresses assigned to it, with unmetered internet access enabled, plus an IPv4 also unmetered..
I'm now wandering if it is possible to not only create a "simple" IPv4 "normal" VPN server, but also a 4to6 gateway, meaning that everyone that connects to my VPN server, will access the internet in IPv6 instead and have just the VPN tunnel in IPv4 mode;
Also meaning that every one of my devices that connects to the VPN will have a single, unique IPv6 address assigned and this would be for example to be able to access my home machine via IPv6 accessing the VPS of the VPN server firstly and then being re-routed over the IPv4 VPN tunnel to access the real machine "behind" that IPv6, all software based with the VPN.
It would be great to have auto assignment of IPv6 addresses the first time a certain device connects and to save that IPv6 in a config file to that and that device only for the aforementioned reasons; but I don't mind creating a config file myself and adding all the devices manually...
Is it possible / is there some online guides (digitalocean or something like that) that I can follow step by step to install the VPN server software in my VPS, enable all the certificates, find a way to differentiate every single device that connects in not by IP but something else (I don't even mind creating 7 certificates, one for each device that will use the VPN), and configuring the config file for the 6to4 tunnel?
networking vpn openvpn ipv6
asked Jan 8 at 18:22
BJPGameVideosITABJPGameVideosITA
13
add a comment |
I have a VPS in Amsterdam that has a /64 network of IPv6 addresses assigned to it, with unmetered internet access enabled, plus an IPv4 also unmetered..
I'm now wandering if it is possible to not only create a "simple" IPv4 "normal" VPN server, but also a 4to6 gateway, meaning that everyone that connects to my VPN server, will access the internet in IPv6 instead and have just the VPN tunnel in IPv4 mode;
Also meaning that every one of my devices that connects to the VPN will have a single, unique IPv6 address assigned and this would be for example to be able to access my home machine via IPv6 accessing the VPS of the VPN server firstly and then being re-routed over the IPv4 VPN tunnel to access the real machine "behind" that IPv6, all software based with the VPN.
It would be great to have auto assignment of IPv6 addresses the first time a certain device connects and to save that IPv6 in a config file to that and that device only for the aforementioned reasons; but I don't mind creating a config file myself and adding all the devices manually...
Is it possible / is there some online guides (digitalocean or something like that) that I can follow step by step to install the VPN server software in my VPS, enable all the certificates, find a way to differentiate every single device that connects in not by IP but something else (I don't even mind creating 7 certificates, one for each device that will use the VPN), and configuring the config file for the 6to4 tunnel?
networking vpn openvpn ipv6
asked Jan 8 at 18:22
BJPGameVideosITABJPGameVideosITA
13
I have a VPS in Amsterdam that has a /64 network of IPv6 addresses assigned to it, with unmetered internet access enabled, plus an IPv4 also unmetered..
I'm now wandering if it is possible to not only create a "simple" IPv4 "normal" VPN server, but also a 4to6 gateway, meaning that everyone that connects to my VPN server, will access the internet in IPv6 instead and have just the VPN tunnel in IPv4 mode;
Also meaning that every one of my devices that connects to the VPN will have a single, unique IPv6 address assigned and this would be for example to be able to access my home machine via IPv6 accessing the VPS of the VPN server firstly and then being re-routed over the IPv4 VPN tunnel to access the real machine "behind" that IPv6, all software based with the VPN.
It would be great to have auto assignment of IPv6 addresses the first time a certain device connects and to save that IPv6 in a config file to that and that device only for the aforementioned reasons; but I don't mind creating a config file myself and adding all the devices manually...
Is it possible / is there some online guides (digitalocean or something like that) that I can follow step by step to install the VPN server software in my VPS, enable all the certificates, find a way to differentiate every single device that connects in not by IP but something else (I don't even mind creating 7 certificates, one for each device that will use the VPN), and configuring the config file for the 6to4 tunnel?
networking vpn openvpn ipv6
networking vpn openvpn ipv6
asked Jan 8 at 18:22
BJPGameVideosITABJPGameVideosITA
13
asked Jan 8 at 18:22
BJPGameVideosITABJPGameVideosITA
13
edited Jan 10 at 18:44
BJPGameVideosITA
asked Jan 8 at 18:22
BJPGameVideosITABJPGameVideosITA
13
asked Jan 8 at 18:22
BJPGameVideosITABJPGameVideosITA
13
asked Jan 8 at 18:22
BJPGameVideosITABJPGameVideosITA
13
13
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
I am going to assume that the mention of 4to6 and 6to4 in your question is a mistake and you really meant 6in4. However if you are using a proper VPN you will however not need 6in4.
The main difference between VPN and 6in4 is that 6in4 is just a tunnel and VPN is a tunnel with a cryptographic layer for security. A VPN can run both IPv4 and IPv6 on the inside of the tunnel regardless of whether the tunnel itself runs over IPv4 or IPv6.
How to configure that depend on the VPN you are using.
The real question here is whether your VPS actually has enough addresses to do what you want. You say you have a /64, but that's not sufficient information to know whether that VPS is suitable.
In order to run a correctly configured VPN you need both a link prefix and a routed prefix. The link prefix need to be a /64. The routed prefix need to be /64 or shorter. Based on the information in the question I'd guess a /56 or /60 would be suitable.
Many VPS providers by default will give you a /64 link prefix and no routed prefix. The link prefix can be either dedicated to you or shared between multiple customers. Some VPS providers will give you a routed prefix if you ask for one, some VPS providers just won't give you a routed prefix.
answered Jan 11 at 19:17
kasperdkasperd
2,63111126
Comments are not for extended discussion; this conversation has been moved to chat.
– DavidPostill♦
Jan 12 at 20:26
Sorry @DavidPostill, thanks for the authorization to post on the live chat for the information sharing in order to properly answer the asked goal.
– BJPGameVideosITA
Jan 12 at 22:29
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1391971%2fopenvpn-as-ipv4-to-ipv6-gateway-how-to-create-your-own-4to6-tunnel-with-a-pers%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I am going to assume that the mention of 4to6 and 6to4 in your question is a mistake and you really meant 6in4. However if you are using a proper VPN you will however not need 6in4.
The main difference between VPN and 6in4 is that 6in4 is just a tunnel and VPN is a tunnel with a cryptographic layer for security. A VPN can run both IPv4 and IPv6 on the inside of the tunnel regardless of whether the tunnel itself runs over IPv4 or IPv6.
How to configure that depend on the VPN you are using.
The real question here is whether your VPS actually has enough addresses to do what you want. You say you have a /64, but that's not sufficient information to know whether that VPS is suitable.
In order to run a correctly configured VPN you need both a link prefix and a routed prefix. The link prefix need to be a /64. The routed prefix need to be /64 or shorter. Based on the information in the question I'd guess a /56 or /60 would be suitable.
Many VPS providers by default will give you a /64 link prefix and no routed prefix. The link prefix can be either dedicated to you or shared between multiple customers. Some VPS providers will give you a routed prefix if you ask for one, some VPS providers just won't give you a routed prefix.
answered Jan 11 at 19:17
kasperdkasperd
2,63111126
Comments are not for extended discussion; this conversation has been moved to chat.
– DavidPostill♦
Jan 12 at 20:26
Sorry @DavidPostill, thanks for the authorization to post on the live chat for the information sharing in order to properly answer the asked goal.
– BJPGameVideosITA
Jan 12 at 22:29
add a comment |
I am going to assume that the mention of 4to6 and 6to4 in your question is a mistake and you really meant 6in4. However if you are using a proper VPN you will however not need 6in4.
The main difference between VPN and 6in4 is that 6in4 is just a tunnel and VPN is a tunnel with a cryptographic layer for security. A VPN can run both IPv4 and IPv6 on the inside of the tunnel regardless of whether the tunnel itself runs over IPv4 or IPv6.
How to configure that depend on the VPN you are using.
The real question here is whether your VPS actually has enough addresses to do what you want. You say you have a /64, but that's not sufficient information to know whether that VPS is suitable.
In order to run a correctly configured VPN you need both a link prefix and a routed prefix. The link prefix need to be a /64. The routed prefix need to be /64 or shorter. Based on the information in the question I'd guess a /56 or /60 would be suitable.
Many VPS providers by default will give you a /64 link prefix and no routed prefix. The link prefix can be either dedicated to you or shared between multiple customers. Some VPS providers will give you a routed prefix if you ask for one, some VPS providers just won't give you a routed prefix.
answered Jan 11 at 19:17
kasperdkasperd
2,63111126
Comments are not for extended discussion; this conversation has been moved to chat.
– DavidPostill♦
Jan 12 at 20:26
Sorry @DavidPostill, thanks for the authorization to post on the live chat for the information sharing in order to properly answer the asked goal.
– BJPGameVideosITA
Jan 12 at 22:29
add a comment |
I am going to assume that the mention of 4to6 and 6to4 in your question is a mistake and you really meant 6in4. However if you are using a proper VPN you will however not need 6in4.
The main difference between VPN and 6in4 is that 6in4 is just a tunnel and VPN is a tunnel with a cryptographic layer for security. A VPN can run both IPv4 and IPv6 on the inside of the tunnel regardless of whether the tunnel itself runs over IPv4 or IPv6.
How to configure that depend on the VPN you are using.
The real question here is whether your VPS actually has enough addresses to do what you want. You say you have a /64, but that's not sufficient information to know whether that VPS is suitable.
In order to run a correctly configured VPN you need both a link prefix and a routed prefix. The link prefix need to be a /64. The routed prefix need to be /64 or shorter. Based on the information in the question I'd guess a /56 or /60 would be suitable.
Many VPS providers by default will give you a /64 link prefix and no routed prefix. The link prefix can be either dedicated to you or shared between multiple customers. Some VPS providers will give you a routed prefix if you ask for one, some VPS providers just won't give you a routed prefix.
answered Jan 11 at 19:17
kasperdkasperd
2,63111126
I am going to assume that the mention of 4to6 and 6to4 in your question is a mistake and you really meant 6in4. However if you are using a proper VPN you will however not need 6in4.
The main difference between VPN and 6in4 is that 6in4 is just a tunnel and VPN is a tunnel with a cryptographic layer for security. A VPN can run both IPv4 and IPv6 on the inside of the tunnel regardless of whether the tunnel itself runs over IPv4 or IPv6.
How to configure that depend on the VPN you are using.
The real question here is whether your VPS actually has enough addresses to do what you want. You say you have a /64, but that's not sufficient information to know whether that VPS is suitable.
In order to run a correctly configured VPN you need both a link prefix and a routed prefix. The link prefix need to be a /64. The routed prefix need to be /64 or shorter. Based on the information in the question I'd guess a /56 or /60 would be suitable.
Many VPS providers by default will give you a /64 link prefix and no routed prefix. The link prefix can be either dedicated to you or shared between multiple customers. Some VPS providers will give you a routed prefix if you ask for one, some VPS providers just won't give you a routed prefix.
answered Jan 11 at 19:17
kasperdkasperd
2,63111126
answered Jan 11 at 19:17
kasperdkasperd
2,63111126
answered Jan 11 at 19:17
kasperdkasperd
2,63111126
answered Jan 11 at 19:17
kasperdkasperd
2,63111126
2,63111126
Comments are not for extended discussion; this conversation has been moved to chat.
– DavidPostill♦
Jan 12 at 20:26
Sorry @DavidPostill, thanks for the authorization to post on the live chat for the information sharing in order to properly answer the asked goal.
– BJPGameVideosITA
Jan 12 at 22:29
add a comment |
Comments are not for extended discussion; this conversation has been moved to chat.
– DavidPostill♦
Jan 12 at 20:26
Sorry @DavidPostill, thanks for the authorization to post on the live chat for the information sharing in order to properly answer the asked goal.
– BJPGameVideosITA
Jan 12 at 22:29
Comments are not for extended discussion; this conversation has been moved to chat.
– DavidPostill♦
Jan 12 at 20:26
Comments are not for extended discussion; this conversation has been moved to chat.
– DavidPostill♦
Jan 12 at 20:26
Sorry @DavidPostill, thanks for the authorization to post on the live chat for the information sharing in order to properly answer the asked goal.
– BJPGameVideosITA
Jan 12 at 22:29
Sorry @DavidPostill, thanks for the authorization to post on the live chat for the information sharing in order to properly answer the asked goal.
– BJPGameVideosITA
Jan 12 at 22:29
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1391971%2fopenvpn-as-ipv4-to-ipv6-gateway-how-to-create-your-own-4to6-tunnel-with-a-pers%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
