The outgoing response traffic from Identity Servers to the IPv6 clients will be first routed to IPv4-Internal and forwarded back to the clients with source IP address as IDP-v6 address.
When an Identity Server is acting as a Service Provider, the traffic will be initiated from the internal Identity Servers to the remote Identity Providers. This is routed through the L4 switch and Identity Servers must resolve the remote Identity Provider URL to the remote IPv6 address. The DNS server configured for Identity Server must be configured to resolve the Identity Provider URL to the remote IPv6 address.
When Identity Server is acting as an Identity Provider, the incoming traffic to this Identity Server can be classified into the following:
Traffic initiated from IPv6 clients.
Traffic from the remote Service Provider.
However, the response from Identity Server uses IPv4 address in both cases. L4 switch converts the response to IPv6 address and forwards it to remote IPv6 clients and Service Providers respectively.The clients can either be configured with IPv4 address or IPv6 address or both (dual stack). If the client is configured to use IPv6 address only or dual stack, it must resolve the published DNS name of Identity Server to IDP-v6 address.