NAT-PT or NAT64 in real life

Cameron Byrne cb.list6 at gmail.com
Wed Jan 19 10:56:44 CST 2011


On Wed, Jan 19, 2011 at 1:18 AM, jarod smith <jarod.smouth at gmail.com> wrote:
> Although it would seem that double-stack is still the preferred method of linux
> distribution, I want my next deployed in IPv6 only.
> For linux there is NAT-PT tomicki and NAT64 Viagenie.
>
> I don't have Cisco equipment although I'd like tested their NAT-PT, even if
> it's obsolete.
>

There are some lessons learned here with NAT-PT

http://www.civil-tongue.net/6and4/wiki

But, i would only use NAT-PT for ... no ... i would never use NAT-PT.
The implementations are really not good.

> Are some of you have installed one of these two implementations in
> production on recent versions of linux? Is it stable, secure, ... ?
>

I have tested 3 versions of DNS64 and 4 versions of NAT64.  I am not
sure what i can share about them.  My experience has generally been
good.  I feel good with taking my selected vendors to production with
this feature.  Users in my beta trial have been happy with the results
and performance.  You mentioned Cisco.  Cisco has stateless support
today of NAT64, but i am not sure the value of that since it is one
for one.  I assume they will have stateful support soon.

http://www.cisco.com/en/US/docs/ios/ios_xe/ipaddr/configuration/guide/iad_stateless_nat64_xe.html

aka http://tinyurl.com/4gt9s9y

Juniper has stateful NAT64 today in production code, i have not looked
at this one yet, but it appears promising

http://www.juniper.net/techpubs/en_US/junos10.4/information-products/topic-collections/nce/nat64-ipv6-ipv4-depletion/configuring-nat64-ipv6-ipv4-depletion.pdf

aka http://tinyurl.com/4qxjahk

If you are talking about servers, not users, most of the commercial
load balancers have NAT64 functions for the IPv6 user to IPv4 legacy
server use case.

Cameron
======
http://groups.google.com/group/tmoipv6beta
======

>
> Regards
>




More information about the NANOG mailing list