Real World NAT64 deployments

Simon Perreault simon.perreault at
Fri Mar 4 07:41:01 CST 2011

On 2011-03-04 08:32, Francois Tigeot wrote:
> What about its integration in upstream software ?

None of it is integrated yet.

> The dns64 part is integrated in the newly released Bind 9.8

That's not our code. ISC made their own DNS64 implementation for Bind 9.8.

As for Unbound, everybody wants it merged. It's just a matter of
actually doing it.

> but I've not
> seen any real information for the nat part in pf or iptables.

Pf has changed a lot between OpenBSD 4.6 and 4.7. We will need to
updated our patch quite significantly.

As for iptables, it's a different story. Our code does not use the
regular conntrack NAT infrastructure. This is intentional. We wanted to
be 100% RFC-compliant, and the conntrack stuff is very un-compliant.
Because of this I doubt that it would be included upstream.

DTN made easy, lean, and smart -->
NAT64/DNS64 open-source        -->
STUN/TURN server               -->

More information about the NANOG mailing list