Ignoring things like link-local addresses, a dual-stack machine with
an IPv4 address can have and see at least four different sorts of IPv6
- what I will call non-legacy IPv6 addresses. These are only reachable
through the 6bone.
(I think these are sometimes called 'native IPv6 addresses'.)
- 6to4 addresses in 2002::/16.
These are reachable both through the 6bone and also directly over
IPv4 (using 6in4 to encapsulate
IPv6) by other dual-stack machines that have brought up routing
for 2002::/16 through an open-ended SIT connection.
- 'IPv4 compatible addresses', ::<IPv4 address>. These are not
reachable via the 6bone, but are reachable by any dual-stack machine
that has brought up an open-ended SIT connection or tunnel, even
without any particular IPv6 routing. On Linux you can do this with
nothing more than:
ip tunnel add 6to4 mode sit remote any local <your-IP>
I believe that any machine using 6to4 will also be
reachable this way.
Since these still use IPv6, you cannot use this form of address
to talk to arbitrary IPv4 machines.
- 'IPv4 mapped addresses', ::ffff:<IPv4 address>. Although they
are using IPv6 APIs, programs seeing or using these IPv6 addresses
are actually talking IPv4. Not all systems and not all programs
will necessarily support IPv4 mapped addresses; some may insist
that using IPv6 APIs results in actual IPv6 conversations.
Because these are real IPv6 addresses being handled by real IPv6
APIs, programs using them can fail when they're running on machines
where IPv6 is disabled; for example, '
ssh ::ffff:<IP>' can fail
on a machine where '
ssh <IP>' works. This can make it awkward
to use these IP addresses pervasively.
#1 and #2 are the only addresses that are reachable by pure IPv6
machines. #1, #2, and #3 use IPv6 only (although traffic may be
transported over the IPv4 Internet); #4 uses IPv4 only. The only IPv6
addresses that can be automatically determined for a remote machine
given only its IPv4 address are #3 and #4; while you know the /48 prefix
that a 6to4 machine will use, you don't know the host portion of the
address in advance.
(In many cases a host portion of ::1 is a good bet, but you don't know
A machine can have all three of the 'real' sorts of IPv6 addresses
active at the same time, and there are vaguely rational reasons to do
so. If you run your IPv6 default route through your non-legacy IPv6
connection your only use of 6to4 will be to talk directly to other
6to4 machines, which may be a good thing.
(This is definitely the sort of entry I write to get this all straight
in my head.)