This website has been translated by machine translation software and has not been subsequently revised by translators. Further information at: link. Hide
the accesskey _ mod _ content
-

Servicio común de Red SARA para el acceso mediante IPv6 a portales de Administración electrónica

  • Functional description

    This common service is designed to facilitate the transition to IPv6 in public administrations, and allows the current e-government services, designed for IPv4, accessible by people using connections IPv6, with very little effort by the unit responsible for its management.

     

    This is based on the experience gained during the execution of different pilots to incorporate IPv6 in electronic administration services, such as the portal 060. The solution makes use of the Internet connection in IPv6 SARA network, and used as a transitional mechanism translation of protocols (IPv4 IPv6 to) through SOME (Application Layer Gateways) implemented on reverse proxy and NAT64.

     

    When a citizen who is connected to the Internet via IPv6 wishes to access one of

    the integrated portals in the solution is redirected to the center of Remote Access SARA network, which houses the platform that supports this common service. There is the translation of protocols, establishing, through SARA Network, a connection with the service IPv4 end of Electronic administration, so that the citizen accesses the desired content transparently to the protocol used.

     

    For its part, the agency that operates the service end does not need to make changes in your infrastructure to make it compatible with IPv6, allowing only to make some changes in their DNS servers.

    Technical Description

    Como se ha comentado, la solución se basa en el uso de reverse-proxy y NAT64. El reverse-proxy realiza la traducción del protocolo IPv6 a IPv4 para las conexiones http al servicio final, mientras NAT64 lo realiza para protocolo https.

    Regarding the reverse-proxy, uses the open source software Squid 3.1.8, which supports IPv6, implemented in double stack. The proxy listens on IPv6, waiting for connections from The Internet, and when a connection is received, search in the header HTTP the final service to connect to the citizen. With this information is logged in IPv4 through SARA Network, with the final service, and once you have received the content to submit the citizen

    from this service, and returns it, in IPv6, the citizen.

    Regarding the NAT64, it becomes necessary in the case that require connections SSL through https, since the lodging of reverse-proxy breaks the trust chain required, between electronic certificates of browser and server, to a secure connection. In this case, the NAT64 performs the mapping of directions IPv6, requested by the client, to the addresses IPv4 handled by the server.

    Additionally, so that the solution possible, it is necessary to make changes in the DNS, both as SARA Network of agencies operating the portals integrated in the solution.

    These modifications are basically to register the records YYYY pointing to the addresses IPv6 of SARA network platform that supports the common service. Depending on the configuration of the DNS the body in question, it may be necessary to also allow automatic downloading of areas to the network DNS SARA, as well as add in root servers of the national domain .es the network DNS SARA, associated with the domains of services that are integrated in the solution, for these DNS that meet the demands IPv6, instead of the agency's IPv4 DNS.

      graficogatewayipv6

General access point
General access point
Maintainer

Interesting links Solutions