On Wed, 18 Dec 2019 10:27:51 +0300 Reco <recovery...@enotuniq.net> wrote:
> Hi. > > On Tue, Dec 17, 2019 at 04:54:17PM -0500, Celejar wrote: > > But the IPv6 address e:f:g:h:i:j:k:l is not actually configured > > anywhere on the router (as shown by 'ip a' and other tools)! > > Either there's some IPv6 - IPv4 conversion involved, or Verison just > terminates inbound IPv6 connections on their end. I did some investigating with tcpdump on the router, and IIUC, there is indeed some sort of IPv6 - IPv4 conversion going on: On the router: ~# tcpdump -i any icmp On the remote box: ~$ ping e:f:g:h:i:j:k:l PING e:f:g:h:i:j:k:l(e:f:g:h:i:j:k:l) 56 data bytes 64 bytes from e:f:g:h:i:j:k:l: icmp_seq=1 ttl=51 time=89.0 ms But the tcpdump instance on the router sees the pings like this IP ue.tmodns.net > pool-a-b-c-d.region.fios.verizon.net: ICMP echo request, id 44719, seq 1, length 64 IP pool-a-b-c-d.region.fios.verizon.net > ue.tmodns.net: ICMP echo reply, id 44719, seq 1, length 64 or (with -n): IP 172.58.187.252 > a.b.c.d: ICMP echo request, id 47985, seq 1, length 64 IP a.b.c.d > 172.58.187.252: ICMP echo reply, id 47985, seq 1, length 64 ue.tmodns.net / 172.58.187.252 is owned by T-Mobile, my wireless provider (via an MVNO), and apparently it's transparently translating between IPv6 - IPv4. I looked around a bit, and IIUC, this is a NAT64 server [1], which T-Mobile uses as part of it's 464XLAT (RFC 6877) architecture [2], a system it developed to facilitate interoperability between its pure IPv6 network and legacy IPv4 installations [3] (like my Verizon residential service). Thanks much for the help. [1] https://en.wikipedia.org/wiki/NAT64 [2] https://en.wikipedia.org/wiki/IPv6_transition_mechanism#464XLAT https://tools.ietf.org/html/rfc6877 [3] https://www.internetsociety.org/resources/deploy360/2014/case-study-t-mobile-us-goes-ipv6-only-using-464xlat/ https://www.reddit.com/r/tmobile/comments/5le5s7/tmobile_openvpn_connect_ipv6_nat64/dbv33j3/ Celejar