On Friday 08 May 2020 at 13:16:28, Marc Haber wrote:
> Hi,
>
> I have a vhost in a https-only IPv6-only setup and would like to make
> the web site hosted there reachable from the IPv4 Internet.
Is the vhost capable of dealing with IPv4 queries if you can only manage to
get them to the machine?
> On a dual-homed host, I have sniproxy that forwards requests coming in via
> IPv4 over IPv6 depending on the SNI header. The web server is directly
> reachable from the IPv6 Internet without proxy.
How about a completely different approach - set up a VPN connection between
your dual-homed host and the IPv6-only web server, to tunnel IPv4 requests and
responses over an IPv6 link?
Then you publish the real IPv6 address of the server as your DNS AAAA address,
and the IPv4 address of the dual-homed host as the A address. The dual-homed
host tunnels all requests (source and destination still both IPv4) to the
vhost, and it routes all IPv4 traffic back across the VPN.
No need for HTTPS interception etc.; you're just tunneling all requests
directly to the machine which has the certificate on it.
Antony.
--
How many Prolog programmers does it take to change a lightbulb?
No.
Please reply to the list;
please *don't* CC me.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|