Production-scale NAT64

• Previous message (by thread): Production-scale NAT64
• Next message (by thread): Production-scale NAT64
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Aug 20, 2015 at 1:22 PM, Ca By <cb.list6 at gmail.com> wrote:
> On Thu, Aug 20, 2015 at 9:36 AM, William Herrin <bill at herrin.us> wrote:
>> Seriously though, if you want to run a v6-only network and still
>> support access to IPv4 Internet resources, consider 464XLAT or
>> DS-Lite.
>
> NAT64 is a required component of 464XLAT.

Sort of, technically, but not really.

NAT64 on its own implies DNS64 and IPv6 client software. Funky
gyrations in the DNS64 server cause the IPv6 software on the client to
originate with IPv6 addresses that the NAT64 server knows how to
convert to IPv4 addresses.

464XLAT does not require DNS64 and provides client software with an
IPv4 interface. IPv4 software that has no idea IPv6 exists sends IPv4
packets which get translated to IPv6 packets. Those packets are routed
to the carrier NAT box which then translates these specially crafted
IPv6 packets back to IPv4 packets.

Functionally, 464XLAT is an IPv6 VPN between your IPv4 client software
and an IPv4 carrier NAT box. Don't let the fact that it's
double-translating instead of encapsulating and decapsulating fool you
-- it's a VPN.

Regards,
Bill Herrin


-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>

• Previous message (by thread): Production-scale NAT64
• Next message (by thread): Production-scale NAT64
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]