Enabling IPv6 help for IPv4 solely apps on Linux
To show level that IPv6 is prepared for manufacturing use I have been utilizing IPv6 solely setup on my Ubuntu PC for extra then 4 months. To entry legacy IPv4 Web I take advantage of NAT64 gateway based mostly on Tayga deployed on RockPro64 SBC in my cabinet:
A lot of the apps I take advantage of help IPv6 however there are some instances when lack of IPv4 connectivity on my machine negatively impacts expertise.
One of many instances which impacts my day by day expertise is a continuing must manually prepend IPv4 addresses for ssh as direct try to make use of ssh with IPv4 literal tackle fails:
ssh 1.3.3.7
ssh: connect with host 1.3.3.7 port 22: Community is unreachable
As an alternative I’ve to append my IPv6 NAT64 prefix on a regular basis:
ssh 64:ff9b::1.3.3.7
pavel@64:ff9b::103:307’s password:
Fortunately for us Linux offers exceptionally straightforward technique to intercept some particular library capabilities utilizing easy dynamically linked library: LD_PRELOAD
When app wants to connect with the community it makes use of Linux system capabilities similar to socket(), connect(), getpeername(), getsockname() and by overriding them with capabilities which explicitly remodel all IPv4 connection makes an attempt to connections to particular IPv6 tackle crafted utilizing NAT64 prefix. Which this strategy in arms we are able to mechanically add IPv6 help for such apps with out.
That is precisely how instrument known as tnat64 works. You could find this instrument in Debian or Ubuntu official repositories and set up is as straightforward as observe:
sudo apt set up -y tnat64
This instruments offers single dynamic library accessible on following path: /usr/lib/tnat64/libtnat64.so.
To allow it for particular session in Terminal we have to run following instructions:
export LD_PRELOAD=/usr/lib/tnat64/libtnat64.so TNAT64_DEBUG=10 TNAT64_DEBUG_FILE=/tmp/tnat64.log
The one necessary half right here is: LD_PRELOAD, TNAT64_DEBUG and TNAT64_DEBUG_FILE simply allow debugging to supply extra data how this library works.
After that once you run any app in similar Terminal session it’s going to load libtnat64.so first after which all calls to community capabilities shall be intercepted and as consequence any try to connect with IPv4 literal will work simply wonderful even on machine with out exterior IPv4 connectivity:
ssh 1.3.3.7
pavel@1.3.3.7’s password:
I might advocate utilizing this apporach just for apps with clear IPv6 help points. Makes an attempt to allow this logic might result in some points as some apps might not like such methods with syscalls.
To get extra details about runtime exercise of tnat64 you’ll be able to test content material of it is log file /tmp/tnat64.log:
I want to say thanks for this superior instrument to writer of it Andrej Shadura.
Only for historic perspective this instrument was written round 2011.
Our present success with IPv6 deployment is a results of 20 years of colossal quantity of labor from unbelievable variety of very gifted engineers.