One of the annoyances with #NAT64 is that when some site publishes an #IPv6 AAAA record, but their IPv6 server is down and the IPv4 server is up, there's no "happy eyeballs" fallback to IPv4. Because the AAAA record exists, #DNS64 doesn't provide a mapping to IPv4.
It can be worked around by manually adding an /etc/hosts entry for the broken site.
Today's broken site is www.fsf.org. Hey @fsf - your IPv6 server is refusing connections 😉
I got asked if I could create a #howto for creating a (public) #NAT64 service - just like I did recently for #BoxyBSD. With #DNS64 and #NAT64 you can also reach resource in the legacy internet (#IPv4) on #IPv6 only systems.
While this is based on #unbound and #tayga, there’s also a solution by using the #OpenBSD's native way which is also running on the other gateway. I’ll share a second how to how to do this in OpenBSD and pf.
https://gyptazy.com/howto-create-a-public-dns64-nat64-gateway/
As part of my BoxyBSD project, which is designed to operate on IPv6 only network connectivity, I recently implemented and provided DNS64 and NAT64 gateway support to bridge the gap between IPv6 and the legacy IPv4 world. This solution ensures that users can easily access important resources, like GitHub, which - even in 2025 -
@mfierst @alexhaydock @nixCraft
Oh absolutly.
You do the dns64 nat64 setup once per datacenter.
The dual stack you have to do on each and every subnet. And with each there is uniqe firewall policies for that customer. Routing, possible vpn setups. Dns records are special since your internal network is rfc1918 dualstack you get dns views again.
When doing a greenfield network, the only thing you have to do to get ipv4 outgoing for a #ipv6 network is to use the #dns64 nameserver address!
No NAT November: My Month Without IPv4
Link📌 Summary: 本文探討了作者在11月的「無NAT十一月」挑戰中,關閉IPv4並僅使用IPv6的經歷。雖然在這段期間發現了許多挑戰和問題,特別是對於一些設備和應用程式的支持不佳,但作者認可轉向「IPv6-大多數」的概念,這樣可以同時利用IPv6和必要時仍然允許IPv4的路徑。最終,雖然作者的經驗顯示完全關閉IPv4還不成熟,但提議在未來的網路部署中考慮「IPv6-大多數」的方式,這將有助於平滑過渡。https://blog.infected.systems/posts/2024-12-01-no-nat-november/
This blog contains some interesting tidbits. Time permitting I'll definitely have a look at maybe going ipv6-mostly.
Why? Because learning ;)
Looking for anyone who knows #networking. Specifically, #domains and nslookups. I wrote a domain analysis #script, but I did it quickly for myself and some collages. Does anyone have any suggestions for the best #language to use to do extensive domain record lookups? I was thinking #Python, but some where I work use #Ruby. I know I do not wish to stay using #PHP. That was thrown together quick and works, but it is not ideal.
So basically, what language is considered to have the most libraries/tools for #domainname #analysis? Mostly #dns64
stuff.
Basically, this is a simple tool that combines a bunch of what could just be bash commands to get a good overview of a domain name, it's records, and the status of those hosts/ips. Open to any suggestions!
I can go into specifics if anyone bites on this topic.
Brett Sheffield (he/him)
Jason Tubnor 🇦🇺
Beni HB9HNT
nrb
gyptazy
sep
卡拉今天看了什麼
Jan ☕🎼🎹☁️🏋️♂️
pratisamlayana