Since there's no routable IPv4 address on the hosts (just link-local), I'm assuming that any v4 request is going to just die on the host itself. Can anyone think of an option of getting this to work?
I can think of four different approaches to get it working.
- Use IPv4 inside IPv6 tunnelling (using next header 4). You'd need to setup the tunnel server yourself, and you'd need a conventional NAT44 between the tunnel server and the Internet. Both tunnel server and NAT44 could be done in OpenWRT, but the tunnel server part might require new code.
- Use NAT64+DNS64. With that approach you'd need NAT64 running on OpenWRT, and it would make sense to have DNS64 there as well. I don't know if OpenWRT supports that out of the box.
- Use 4rd. You might think that 4rd uses IPv4 in IPv6 tunnelling. But reading the spec you'd find that it actually converts the IPv4 packets to IPv6 and converts them back at the other end using some hacks to reproduce the original IPv4 packet. That part of the 4rd spec looks crazy to me, when in reality what was needed was just IPv4 in IPv6 traffic. The interesting part about 4rd is that it moves the NAT44 part to the individual hosts. That way each host knows which range of external ports it has available and can do NAT itself using that range of ports. That means the gateway remains stateless. If your hosts and OpenWRT supports 4rd, you could use that, and NATed connections would remain open even if the access point is restarted.
- Setup a transparent http proxy and use a DNS server that synthesize AAAA records pointing at the IPv6 address of the transparent proxy, if the domain only has an A record.
Any of the four approaches will work. Which of the four will work best depends on the software support. I don't know specific software implementations of any of the above, and I don't know which of them might be supported by OpenWRT. Using NAT64+DNS64 or using the transparent http proxy are the only options on the list, which do not require changes on the client machines. And since the transparent http proxy doesn't help for other protocols than http, I would recommend that you first give NAT64+DNS64 a try and only consider the other options if NAT64 for some reason doesn't cut it.