IPv6 and forensic requests

Sun Feb 10 13:51:25 UTC 2019

Do you really mean 6to4 or NAT64? Totally different things ...

If that's the case, I will suggest you go for Jool instead of Tayga.

Also, if you want the customers are able to use old IPv4 apps and devices, NAT64 is not sufficient, you need also CLAT at the customer premises (so they can run 464XLAT).

Regards,
Jordi

-----Mensaje original-----
De: NANOG <nanog-bounces at nanog.org> en nombre de Max Tulyev <maxtul at netassist.ua>
Fecha: domingo, 10 de febrero de 2019, 14:26
Para: NANOG <nanog at nanog.org>
Asunto: IPv6 and forensic requests

    Hi All,

    we are implementing IPv6 only infrastructure.

    For IPv4 access, we using tayga for 6to4 translation and then CGN for NAT.

    There is a number of ways for Linux based NAT to store information for 
    future forensic requests (i.e. "who was it cracking that website?").

    But what about 6to4 translators, as tayga? I believe there should be 
    well-known patches or solutions. The aim is to have what /64 (not even 
    /128) was translated to what IPv4 at the requested time.

    Is there any?

**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.