Ignoring things like link-local addresses, a dual-stack machine with an IPv4 address can have and see at least four different sorts of IPv6 addresses:

1. what I will call non-legacy IPv6 addresses. These are only reachable through the 6bone.

   (I think these are sometimes called 'native IPv6 addresses'.)

2. 6to4 addresses in 2002::/16. These are reachable both through the 6bone and also directly over IPv4 (using 6in4 to encapsulate IPv6) by other dual-stack machines that have brought up routing for 2002::/16 through an open-ended SIT connection.

3. 'IPv4 compatible addresses', ::<IPv4 address>. These are not reachable via the 6bone, but are reachable by any dual-stack machine that has brought up an open-ended SIT connection or tunnel, even without any particular IPv6 routing. On Linux you can do this with nothing more than:

   ip tunnel add 6to4 mode sit remote any local <your-IP>

   I believe that any machine using 6to4 will also be reachable this way.

   Since these still use IPv6, you cannot use this form of address to talk to arbitrary IPv4 machines.

4. 'IPv4 mapped addresses', ::ffff:<IPv4 address>. Although they are using IPv6 APIs, programs seeing or using these IPv6 addresses are actually talking IPv4. Not all systems and not all programs will necessarily support IPv4 mapped addresses; some may insist that using IPv6 APIs results in actual IPv6 conversations.

   Because these are real IPv6 addresses being handled by real IPv6 APIs, programs using them can fail when they're running on machines where IPv6 is disabled; for example, 'ssh ::ffff:<IP>' can fail on a machine where 'ssh <IP>' works. This can make it awkward to use these IP addresses pervasively.

#1 and #2 are the only addresses that are reachable by pure IPv6 machines. #1, #2, and #3 use IPv6 only (although traffic may be transported over the IPv4 Internet); #4 uses IPv4 only. The only IPv6 addresses that can be automatically determined for a remote machine given only its IPv4 address are #3 and #4; while you know the /48 prefix that a 6to4 machine will use, you don't know the host portion of the address in advance.

(In many cases a host portion of ::1 is a good bet, but you don't know for sure.)

A machine can have all three of the 'real' sorts of IPv6 addresses active at the same time, and there are vaguely rational reasons to do so. If you run your IPv6 default route through your non-legacy IPv6 connection your only use of 6to4 will be to talk directly to other 6to4 machines, which may be a good thing.

(This is definitely the sort of entry I write to get this all straight in my head.)