Force IPv6 traffic to a specific host through IPv4 tunnel
-
Hi there,
I have an IPv4 OpenVPN-Server running on my pfSense since several month. Everything works fine. I route traffic to one domain via custom options push "route 1.2.3.4 255.255.255.255"; through the tunnel. It's needed to access a backend of an eCommerce website.
It works fine as long as the client resolves the domain to a IPv4 (nslookup foo.bar --> 1.2.3.4).
If the domain resolves to an IPv6 (2a03:4000:xxxx:yyyy:zzzz.....) the traffic is not routed, which makes sense to me.
I need to change that. The pfsense is currently not using IPv6. I could change that; my provider assigned a block to the server. But it would be much easier to just route the traffic to the specific IPv6 through the tunnel. If I add something with "push "route-ipv6 2a03:4000:xxxx:yyyy:zzzz/128" or check the "Redirect IPv6 Gateway" I get error likeOpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
Is it possible to route IPv6 through IPv4 Tunnel? Or do I need to configure the whole Server to use IPv6?
Thanks a lot in advance!
Best,
Matthias -
You have to configure IPv6 on the tunnel.
-
@JKnott because I've been struggling with this too, can you explain how to do this. I'd love to remove user error as a source of my inability to make this work.
-
On the server side, I assigned the IPv6 Tunnel Network prefix. I also selected Redirect IPv6 Gateway, though that depends on your needs.
In Advanced Configuration > Custom options, I added push "route-ipv6 ::/0".
I also added that on the Client Export page, though I don't know if both are necessary.