DIY Dual-Stack WAN/Internet access via IPv4-only ISP

My ISP at home provides very decent latency and bandwidth at an accetable price, but even in 2022, offers only either DS-lite (with IPv4 getting crippled by CGNAT) or "real" IPv4 without any IPv6 at all.

I also rent a dedicated box at a DC nearby that has "proper" dual-stack connectivity, and boatloads of presently unused IPv6 addresses available.

Now, I am wondering if I could use my OpenWrt-based router with the Debian box at the colo to map/route some of the IPv6 address space the DC provides into my home LAN, over some kind of tunnel between the colo'd host and my router, providing all hosts native end-to-end IPv6 connectivity in addition to the NATed IPv4 I presently use.

Is this a feasible idea? Which software components would have to be involved on both the home- and colo-ends of that kind of VPN setup, and what would their configration have to look like?

Your root server probably just gets a single /64 prefix, which basically makes it unsuitable for this purpose (yes, there are ugly workarounds, but…).

How about switching to ds-lite, and use the complete IPv6 to run an IPv4 tunnel into a rented box in a DC where you do NAT on IPv4 instead?

That would be the easier approach yes.

That's an interesting alternative strategy I had not yet considered, but research I did today on my ISP's situation indicates it's not an option - according to both reports on the web and their tech support staff, the (mandatory) cable modem they use can only support IPv4 in bridge mode (which is what I am using now), and does not support DHCPv6 prefix delegation when in routed DS-lite mode.

Mmmh, so outside the EU I presume, as inside the EU there is a right for choice terminal equipment, which depending on the NRA (national regulatory authority) includes modems....

Not sure what to do there short of trying to cozy up with your ISPs technicians and convince them to "test" something on your link resulting in ds-lite on a bridged modem :wink: