Hi everyone,
I’m exploring the possibility of migrating the internal network in Qubes OS to use only IPv6, and I’d appreciate your input.
In my company environment, we currently don’t use IPv6 at all in our regular infrastructure. This makes IPv6 an attractive option for cleanly separating Qubes’ internal communication from the rest of the network — avoiding overlap with existing IPv4 address ranges and reducing potential routing conflicts.
My idea is to have all inter-qube traffic (e.g., AppVM ↔ sys-firewall ↔ sys-net) operate purely over IPv6, without relying on IPv4 internally at all. Ideally, sys-net would bridge to an IPv4-only external network, while the internal Qubes traffic stays in a distinct IPv6-only space.
Is such a setup possible with Qubes? Has anyone tried configuring Xen or Qubes’ internal networking components (like qvm-firewall or qvm-prefs) to support IPv6-only communication between VMs?
I’m particularly curious if any limitations exist at the Xen level, or whether Qubes assumes IPv4 for any essential operations.
Thanks in advance for any advice or experience you can share!