I have a router running Linux that acts as the central gateway to the Internet for a network of embedded devices that use IPv6 to communicate. I would like to intercept, inspect, and rewrite every packet that goes in and out from the Internet to this subnetwork. The reason I need to do this is that I want to create a transparent (to both ends) proxy service that will redirect packets, ingoing and outgoing, to a cache that lives elsewhere depending on the packet content.

These devices communicate using their own application protocol that runs over UDP so I can't re-use something like Squid straight out of the box. Is the best place to start somewhere like libpcap? Or should I start from the top and rewrite Squid? This is the first time I've had to really dive deep into networking, and I'm unsure where to begin.

+1  A: 

You are probably better off rewriting the DNS responses to point to your Linux gateway instead. Something similar to this has been done to allow IPv6-only nodes to talk to the IPv4 internet. You can take inspiration from that.

For ideas for your Linux gateway box, see

http://www.ietf.org/id/draft-ietf-behave-v6v4-xlate-stateful-08.txt

and ideas for your DNS box

http://www.ietf.org/id/draft-ietf-behave-dns64-06.txt

Suresh Krishnan