IPv4 over IPv6 tunnel for HughesNet user

scotru asked:

I have a client who wants to access cameras remotely via a HughesNET Internet connection. HughesNET using carrier grade NATting (CGN) for IPv4 and so does not provide their customers with publicly routable IPv4 addresses. They do, however, provide publicly routable IPv6 (although, these are dynamic, they occasionally change the prefixes… grrr).

The client’s DVR does not support remote viewing over IPv6. I’m looking for the easiest way to work around this problem. My current idea is to put a Rasberry Pi on site and setup a IPv4 over IPv6 tunnel between the pi and a cloud VPS and basically reverse proxy the services through the tunnel to the VPS. Client could then go to the VPS via IPv4 to access his cameras.

Does this sound like a plausible solution? Is there an easier alternative I’m missing? Anyone done something similar and could provide me with some details? This is at the edge of my networking knowledge. I’m particularly concerned about how to deal with the changing IPv6 addresses on the HughesNET connection.

My answer:

You can certainly put up a NAT64 gateway on the customer premises. Tayga, for example, will run on a Raspberry Pi or similar small hardware, or even in a VM on an existing server. This will make the cameras accessible via IPv6, and thus available on mobile devices. Now, if the cameras require proprietary software to access them, and it only speaks IPv4, then all bets are off.

As a long term matter, your customer should complain to the camera manufacturer about the lack of IPv6 support and his willingness to buy cameras from some other manufacturer in the future because of this.

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.