Results 1 to 3 of 3

Thread: Need some help w/ ipv6 and nat64

  1. #1
    Join Date
    Sep 2007

    Question Need some help w/ ipv6 and nat64

    Hello all!

    I'm working on getting my network transitioned to ipv6 and I'm stumbling a bit. I was wondering if anybody could point me in the right direction. Specifically I need help w/ the ipv6 to ipv4 communication. I have a box set up at my network edge, and on the inside I'm world routable ipv6. On my server at the edge of my network I have 2 NICs, one w/ IPv6 and one w/ IPv4. I'm to understand I can set this box up w/ nat64 and it will translate back and forth between my ipv6 network and the ipv4 internet, but I'm a little fuzzy on how to set this up. Can anybody help me out here, or point me in the right direction?

  2. #2
    Join Date
    May 2010
    Xubuntu 14.04 Trusty Tahr

    Re: Need some help w/ ipv6 and nat64

    Thread moved to server platforms.

    You're more likely to get a response in this subforum.
    If you believe everything you read, you better not read. ~ Japanese Proverb

    If you don't read the newspaper, you're uninformed. If you read the newspaper, you're mis-informed. - Mark Twain

    Thinking about becoming an Ubuntu Member?

  3. #3
    Join Date
    Nov 2006
    Wisconsin, USA
    Ubuntu 13.04 Raring Ringtail

    Re: Need some help w/ ipv6 and nat64

    Since the internet is still about 98.7% IPv4, if you have v4 available, being dual-stack is the best way to go. For v6-only clients to access v4-only servers, there are at least 3 issues, only 2 of which are solvable.

    First, you need a NAT64 translater to rewrite IPv6 packets as IPv4 packets. Second, you need a DNS64 translater, so that you can synthesize AAAA records when the destination host only has A. Third, you are going to have to live with a certain level of protocol and web site breakage, because anything which embeds literal IPv4 addresses like FTP or Skype or subparts of complex web pages is likely to break. Typically NAT64 translators are written for simplicity and scalability, and compared to classic NAT44 gateways, they have practically no proxy or protocol rewrite support. So simple things like SSH or SMTP or HTTP to well-designed web sites will work, and everything else will break. In spite of that, NAT64+DNS64 appears to be the main transition mechanism actually being deployed, because the alternatives such as NAT444 (NAT44 at the user plus more NAT44 at a carrier - ISP or cellphone company - gateway) or dual-stack-lite suck worse.

    This week, on Linux, a typical ploy seems to be using tayga/ as the NAT64 translator and Bind 9.8 and the DNS64 translator. You need some IPv4 addresses to feed tayga, and an IPv6 prefix of /63 or larger, because you need a spare /64 to put your /96 IPv4 surrogate addresses under. You can find more detailed directions at places like:

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts