Welcome in my mind!

Home Nest Links About

Cloud IPv6 Router

I have only ipv4 from my ISP. But thanks to VPS which have dual stack IP, I can use IPv6 websites on my PC.

Below simple config which I use to IPv6 tunneling like in RFC4213.

To tunneling I use Wireguard, it's simple and quiet VPN. Pros and cons this solution is UDP protocol. It's quiet but no best to evading firewall which block other port than 80, 443. Of course we can use DNS port (53 UDP/TCP), but it can be tricky in some OS.

PC

cat /etc/wireguard/wg0.conf 

[Interface]
PrivateKey = {pc-private-key} 
Address = 10.2.2.4/24, fd47:47:47::2/64

[Peer]
Endpoint = routerIP:PORT
AllowedIPs = 10.2.2.0/24, ::/0
PublicKey = {router-pubkey} 
PersistentKeepalive = 25
    

For PC instance it's all config file.

We add IPv6 to vpn because we need this address to communicate with others in same solution. With ::/0 we add routing to kernel.

Router

First we nead change value in sysctl.

vim /etc/sysctl.d/ip-forward.conf 

net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1

sysctl -p /etc/sysctl.d/ip-forward.conf
    

Next we can configure VPN

cat /etc/wireguard/wg0.conf

[Interface]
PrivateKey = {router-private-key}
Address = 10.2.2.10/24, fd47:47:47::1/64
ListenPort = PORT
PostUP = ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

[Peer]
AllowedIPs = 10.2.2.0/24, fd47:47:47::/64
PublicKey = {pc-public-key}
    

Of course you need to set firewall with your requirements, but you should know how to do it :)

i

And this is it! Now you can use IPv6 stack to search and collect knowledge from internet.