Suche senden
Hochladen
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
âą
1 gefÀllt mir
âą
1,020 views
Y
yacc2000
Folgen
Technologie
Melden
Teilen
Melden
Teilen
1 von 23
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
NAT64 en LACNIC 18: Experimentos con NAT64 sin estado
NAT64 en LACNIC 18: Experimentos con NAT64 sin estado
Carlos Martinez Cagnazzo
Â
NAT64 and DNS64 in 30 minutes
NAT64 and DNS64 in 30 minutes
Ivan Pepelnjak
Â
6Rd
6Rd
Fred Bovy
Â
Upcoming internet challenges
Upcoming internet challenges
Ivan Pepelnjak
Â
IPv6 Transition Techniques
IPv6 Transition Techniques
APNIC
Â
Ipv6
Ipv6
Yan Drugalya
Â
IPv6 Transition Strategies
IPv6 Transition Strategies
APNIC
Â
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
PROIDEA
Â
Empfohlen
NAT64 en LACNIC 18: Experimentos con NAT64 sin estado
NAT64 en LACNIC 18: Experimentos con NAT64 sin estado
Carlos Martinez Cagnazzo
Â
NAT64 and DNS64 in 30 minutes
NAT64 and DNS64 in 30 minutes
Ivan Pepelnjak
Â
6Rd
6Rd
Fred Bovy
Â
Upcoming internet challenges
Upcoming internet challenges
Ivan Pepelnjak
Â
IPv6 Transition Techniques
IPv6 Transition Techniques
APNIC
Â
Ipv6
Ipv6
Yan Drugalya
Â
IPv6 Transition Strategies
IPv6 Transition Strategies
APNIC
Â
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
PROIDEA
Â
IPv4 over IPv6 in the Venue, APRICOT-APAN 2015 Fukuoka
IPv4 over IPv6 in the Venue, APRICOT-APAN 2015 Fukuoka
APNIC
Â
Introduction of ipv6
Introduction of ipv6
KaushikMajumder22
Â
Ipv6
Ipv6
maha5960
Â
Content over IPv6: no excuses
Content over IPv6: no excuses
Ivan Pepelnjak
Â
Deploying IPv6 - planning, common pitfalls and security-considerations
Deploying IPv6 - planning, common pitfalls and security-considerations
SpeedPartner GmbH
Â
IPv6 introduction
IPv6 introduction
Guider Lee
Â
Things I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I started
Faelix Ltd
Â
Leveraging IPv6 extension header for traffic engineering, by Eric Vyncke [APN...
Leveraging IPv6 extension header for traffic engineering, by Eric Vyncke [APN...
APNIC
Â
Getting started with IPv6
Getting started with IPv6
Private
Â
Plug and Play Using Prefix Delegation Mechanism
Plug and Play Using Prefix Delegation Mechanism
Shinsuke SUZUKI
Â
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017
Cheng-Chun William Tu
Â
P4-based VNF and Micro-VNF Chaining for Servers With Intelligent Server Adapters
P4-based VNF and Micro-VNF Chaining for Servers With Intelligent Server Adapters
Open-NFP
Â
Your Slice of the IPv6 Cake
Your Slice of the IPv6 Cake
RIPE NCC
Â
P4 for Custom Identification, Flow Tagging, Monitoring and Control
P4 for Custom Identification, Flow Tagging, Monitoring and Control
Open-NFP
Â
MAP-E as IPv4 over IPv6 Technology
MAP-E as IPv4 over IPv6 Technology
Akira Nakagawa
Â
Stacks and Layers: Integrating P4, C, OVS and OpenStack
Stacks and Layers: Integrating P4, C, OVS and OpenStack
Open-NFP
Â
Accelerating Networked Applications with Flexible Packet Processing
Accelerating Networked Applications with Flexible Packet Processing
Open-NFP
Â
Technology Updates in IPv6
Technology Updates in IPv6
Shinsuke SUZUKI
Â
OARC 26: Scoring the Root Server System
OARC 26: Scoring the Root Server System
APNIC
Â
IPv6
IPv6
Deepraj Bhujel
Â
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
APNIC
Â
OpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 Lessons
Akihiro Motoki
Â
Weitere Àhnliche Inhalte
Was ist angesagt?
IPv4 over IPv6 in the Venue, APRICOT-APAN 2015 Fukuoka
IPv4 over IPv6 in the Venue, APRICOT-APAN 2015 Fukuoka
APNIC
Â
Introduction of ipv6
Introduction of ipv6
KaushikMajumder22
Â
Ipv6
Ipv6
maha5960
Â
Content over IPv6: no excuses
Content over IPv6: no excuses
Ivan Pepelnjak
Â
Deploying IPv6 - planning, common pitfalls and security-considerations
Deploying IPv6 - planning, common pitfalls and security-considerations
SpeedPartner GmbH
Â
IPv6 introduction
IPv6 introduction
Guider Lee
Â
Things I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I started
Faelix Ltd
Â
Leveraging IPv6 extension header for traffic engineering, by Eric Vyncke [APN...
Leveraging IPv6 extension header for traffic engineering, by Eric Vyncke [APN...
APNIC
Â
Getting started with IPv6
Getting started with IPv6
Private
Â
Plug and Play Using Prefix Delegation Mechanism
Plug and Play Using Prefix Delegation Mechanism
Shinsuke SUZUKI
Â
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017
Cheng-Chun William Tu
Â
P4-based VNF and Micro-VNF Chaining for Servers With Intelligent Server Adapters
P4-based VNF and Micro-VNF Chaining for Servers With Intelligent Server Adapters
Open-NFP
Â
Your Slice of the IPv6 Cake
Your Slice of the IPv6 Cake
RIPE NCC
Â
P4 for Custom Identification, Flow Tagging, Monitoring and Control
P4 for Custom Identification, Flow Tagging, Monitoring and Control
Open-NFP
Â
MAP-E as IPv4 over IPv6 Technology
MAP-E as IPv4 over IPv6 Technology
Akira Nakagawa
Â
Stacks and Layers: Integrating P4, C, OVS and OpenStack
Stacks and Layers: Integrating P4, C, OVS and OpenStack
Open-NFP
Â
Accelerating Networked Applications with Flexible Packet Processing
Accelerating Networked Applications with Flexible Packet Processing
Open-NFP
Â
Technology Updates in IPv6
Technology Updates in IPv6
Shinsuke SUZUKI
Â
OARC 26: Scoring the Root Server System
OARC 26: Scoring the Root Server System
APNIC
Â
IPv6
IPv6
Deepraj Bhujel
Â
Was ist angesagt?
(20)
IPv4 over IPv6 in the Venue, APRICOT-APAN 2015 Fukuoka
IPv4 over IPv6 in the Venue, APRICOT-APAN 2015 Fukuoka
Â
Introduction of ipv6
Introduction of ipv6
Â
Ipv6
Ipv6
Â
Content over IPv6: no excuses
Content over IPv6: no excuses
Â
Deploying IPv6 - planning, common pitfalls and security-considerations
Deploying IPv6 - planning, common pitfalls and security-considerations
Â
IPv6 introduction
IPv6 introduction
Â
Things I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I started
Â
Leveraging IPv6 extension header for traffic engineering, by Eric Vyncke [APN...
Leveraging IPv6 extension header for traffic engineering, by Eric Vyncke [APN...
Â
Getting started with IPv6
Getting started with IPv6
Â
Plug and Play Using Prefix Delegation Mechanism
Plug and Play Using Prefix Delegation Mechanism
Â
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017
Â
P4-based VNF and Micro-VNF Chaining for Servers With Intelligent Server Adapters
P4-based VNF and Micro-VNF Chaining for Servers With Intelligent Server Adapters
Â
Your Slice of the IPv6 Cake
Your Slice of the IPv6 Cake
Â
P4 for Custom Identification, Flow Tagging, Monitoring and Control
P4 for Custom Identification, Flow Tagging, Monitoring and Control
Â
MAP-E as IPv4 over IPv6 Technology
MAP-E as IPv4 over IPv6 Technology
Â
Stacks and Layers: Integrating P4, C, OVS and OpenStack
Stacks and Layers: Integrating P4, C, OVS and OpenStack
Â
Accelerating Networked Applications with Flexible Packet Processing
Accelerating Networked Applications with Flexible Packet Processing
Â
Technology Updates in IPv6
Technology Updates in IPv6
Â
OARC 26: Scoring the Root Server System
OARC 26: Scoring the Root Server System
Â
IPv6
IPv6
Â
Ăhnlich wie 2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
APNIC
Â
OpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 Lessons
Akihiro Motoki
Â
I pv6
I pv6
Udi Ghosh
Â
Ipv6 Technical White Paper Wp111504
Ipv6 Technical White Paper Wp111504
Erik Ginalick
Â
Ipv Technical White Paper Wp111504
Ipv Technical White Paper Wp111504
Erik Ginalick
Â
IPv6 in Mobile Networks
IPv6 in Mobile Networks
APNIC
Â
Direct access for dummies
Direct access for dummies
Alex de Jong
Â
The IPv6-Only Network
The IPv6-Only Network
APNIC
Â
Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4
newbie2019
Â
IPv6 in Cellular Networks
IPv6 in Cellular Networks
APNIC
Â
Enabling IPv6 Services Transparently
Enabling IPv6 Services Transparently
Carlos Martinez Cagnazzo
Â
APNIC Update
APNIC Update
APNIC
Â
Cameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway Meeting
IPv6no
Â
Can NAT 64 Solve IPv4 Exhaustion | IPv4 Addresses | Address Space
Can NAT 64 Solve IPv4 Exhaustion | IPv4 Addresses | Address Space
IPv4Mall
Â
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
Fred Bovy
Â
Understanding i pv6 2
Understanding i pv6 2
srmanjuskp
Â
Transition to ipv6 cgv6-edited
Transition to ipv6 cgv6-edited
Fred Bovy
Â
Neutron IPv6
Neutron IPv6
Rohit Agarwalla
Â
IPv6 on the Interop Network
IPv6 on the Interop Network
Network Utility Force
Â
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
gogo6
Â
Ăhnlich wie 2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
(20)
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
Â
OpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 Lessons
Â
I pv6
I pv6
Â
Ipv6 Technical White Paper Wp111504
Ipv6 Technical White Paper Wp111504
Â
Ipv Technical White Paper Wp111504
Ipv Technical White Paper Wp111504
Â
IPv6 in Mobile Networks
IPv6 in Mobile Networks
Â
Direct access for dummies
Direct access for dummies
Â
The IPv6-Only Network
The IPv6-Only Network
Â
Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4
Â
IPv6 in Cellular Networks
IPv6 in Cellular Networks
Â
Enabling IPv6 Services Transparently
Enabling IPv6 Services Transparently
Â
APNIC Update
APNIC Update
Â
Cameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway Meeting
Â
Can NAT 64 Solve IPv4 Exhaustion | IPv4 Addresses | Address Space
Can NAT 64 Solve IPv4 Exhaustion | IPv4 Addresses | Address Space
Â
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
Â
Understanding i pv6 2
Understanding i pv6 2
Â
Transition to ipv6 cgv6-edited
Transition to ipv6 cgv6-edited
Â
Neutron IPv6
Neutron IPv6
Â
IPv6 on the Interop Network
IPv6 on the Interop Network
Â
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Â
KĂŒrzlich hochgeladen
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
johnbeverley2021
Â
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Christopher Logan Kennedy
Â
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Remote DBA Services
Â
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(âïž+971_581248768%)**%*]'#abortion pills for sale in dubai@
Â
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
Â
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2
Â
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
Â
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
Â
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Khushali Kathiriya
Â
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
WSO2
Â
Elevate Developer Efficiency & build GenAI Application with Amazon Qâ
Elevate Developer Efficiency & build GenAI Application with Amazon Qâ
Bhuvaneswari Subramani
Â
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
Â
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
Â
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
apidays
Â
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Juan lago vĂĄzquez
Â
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
MadyBayot
Â
Mcleodganj Call Girls đ„° 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls đ„° 8617370543 Service Offer VIP Hot Model
Deepika Singh
Â
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
apidays
Â
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
Sandro Moreira
Â
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
Â
KĂŒrzlich hochgeladen
(20)
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
Â
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Â
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Â
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
Â
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Â
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
Â
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Â
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
Â
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Â
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
Â
Elevate Developer Efficiency & build GenAI Application with Amazon Qâ
Elevate Developer Efficiency & build GenAI Application with Amazon Qâ
Â
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Â
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
Â
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Â
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Â
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
Â
Mcleodganj Call Girls đ„° 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls đ„° 8617370543 Service Offer VIP Hot Model
Â
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Â
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
Â
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Â
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
1.
DNS64 and NAT64 IPv6
Migration workshop for IETF and 3GPP November 5-6, 2009 Shanghai, China Simon Perreault Viagénie simon.perreault@viagenie.ca http://www.viagenie.ca
2.
Credentials â
Participation in the IETF BEHAVE WG â NAT traversal â Author of a STUN and TURN server (numb.viagenie.ca) â Editor of TURN-IPv6, TURN-TCP, ICE-TCP â IPv6 transition (== NAT removal?) â Author of three implementations of DNS64. â Working on three implementations of NAT64. â Co-ported the Asterisk open-source PBX to IPv6. â Ported the FreeSWITCH open-source PBX to IPv6. â Consulting in IP networking at ViagĂ©nie in QuĂ©bec, Canada. Copyright ViagĂ©nie 2009 2
3.
Plan â
Tell me again: Why was NAT-PT deprecated? â How are DNS64/NAT64 different? â What about the other IPv6 transition technologies? â ALGs: Do we really need them? â How to deploy and scale? â Our open-source DNS64/NAT64 implementations Copyright ViagĂ©nie 2009 3
4.
Deprecation of NAT-PT â
Described in [RFC4996]. â Issues with NAT-PT that do not apply to NAT64: â The NAT-PT box has to be the default router to snoop DNS queries. â For dual-stack hosts, the NAT-PT DNS-ALG returns both native and translated IPv6 addresses. â The NAT-PT DNS-ALG erroneously translates responses to DNS A queries from IPv6 network (and vice-versa). â One NAT binding is created per converted DNS RR, which may be more than needed. â NAT-PT is fully incompatible with DNSSEC. Copyright ViagĂ©nie 2009 4
5.
NAT-PT for 3GPP â
From RFC4215: Appendix A - On the Use of Generic Translators in the 3GPP Networks [...] To minimize the problems associated with NAPT-PT, the following actions can be recommended: 1. Separate the DNS ALG from the NAPT-PT node (in the "IPv6 to IPv4" case). 2. Ensure (if possible) that NAPT-PT does not become a single point of failure. 3. Allow for load sharing between different translators. That is, it should be possible for different connections to go through different translators. Note that load sharing alone does not prevent NAPT-PT from becoming a single point of failure. Copyright Viagénie 2009 5
6.
DNS64 and NAT64 â
DNS-ALG and translation functions are now separate. â DNS64 is designed with DNSSEC in mind. â NAT64 only deals with connections initiated from IPv6 to IPv4. â Constraining the problem space generally results in simpler, cleaner, more robust and scalable solutions. â NAT64 doesn't need to be the default router. â NAT64 benefits from better knowledge of NAT. Copyright ViagĂ©nie 2009 6
7.
IPv6 network to
IPv4 Internet NAT64 IPv4 Internet IPv6 Network Client Server DNS64 Connection Initiation Copyright Viagénie 2009 7
8.
Example â
IPv6 network â 2001:db8::/64 â NAT64 â 2001:db8::1 â DNS64 â 2001:db8::2 â NAT64 public IPv4 pool â 192.0.2.0/24 â Pref64::/n â 2001:db8:8000::/96 Copyright ViagĂ©nie 2009 8
9.
Example
Auth. IPv6 Client DNS64 DNS NAT64 IPv4 Server DNS Query AAAA example.com DNS Query AAAA example.com DNS Response NXDOMAIN DNS Query A example.com DNS Response DNS Response A 203.0.113.1 AAAA 2001:db8:8000::203.0.113.1 TCP over IPv6 Destination: [2001:db8:8000::203.0.113.1]:80 Allocate NAT Source: [2001:db8::xyz]:abc binding TCP over IPv4 Destination: 203.0.113.1:80 Source: 192.0.2.45:6853 Copyright Viagénie 2009 9
10.
IPv6 Internet to
IPv4 network NAT64 IPv6 Internet IPv4 Network Server Client DNS64 Connection Initiation Copyright Viagénie 2009 10
11.
NAT64 uses the
least amount of evil possible â Builds upon years of work on IPv4 NATs by BEHAVE working group. â [RFC4787], [RFC5382], [RFC5508], [RFC5389], and others â NAT mapping behavior is endpoint-independent. â NAT filtering is optional. â If enabled, behavior is address-dependent. â TCP simultaneous-open works. â Hairpinning works. â Result: NAT traversal works (e.g. SIP with ICE) Copyright ViagĂ©nie 2009 11
12.
NAT64 vs. others â
PNAT [draft-huang-behave-pnat] â Not in conflict with NAT64. â PNAT is a bump-in-the-stack technology to enable IPv4 applications to use IPv6 network for communication. â There needs to be a NAT64 in the network (modified a little). â PNAT performs DNS64 in the host. â IPv4 â IPv6 â IPv4 (PNAT) (NAT64) NAT64 Client IPv4 Internet IPv4 app. IPv6 Network PNAT, DNS64 Copyright ViagĂ©nie 2009 Server 12
13.
NAT64 vs. others â
IVI [draft-xli-behave-ivi] â Not in conflict with NAT64. â Constraint: IPv4 public address pool big enough to assign one IPv4 address to each IPv6-only client. â Stateless. â Double IVI: Support IPv4 applications on IPv6-connected client (like PNAT). Stateless Translator Client IPv4 Internet IPv4 app. IPv6 Network IVI Copyright ViagĂ©nie 2009 13 Server DNS64
14.
NAT64 vs. others â
Virtual IPv6 connectivity [draft-vogt-durand-virtual-ip6-connectivity] â Not in conflict with NAT64. â Different use case: IPv4 network to IPv6 Internet. â Support legacy IPv4 client devices when IPv6 Internet is well developed. â Stateful. â Communication between NAT and DNS. NAT46 IPv6 Internet IPv4 Network Client Copyright ViagĂ©nie 2009 Server 14 DNS46
15.
ALGs â
From [RFC4924], âReflections on Internet Transparencyâ (from Internet Architecture Board): No matter how well an ALG is implemented, barriers to transparency will emerge over time, so that the notion of a "transparent ALG" is a contradiction in terms. â At the moment, an FTP ALG draft is being considered for adoption in the BEHAVE working group. â IPv6 client behind NAT64 thinks it is talking to IPv6 server and send an EPASV or EPORT command. â Server is really IPv4 and doesn't understand EPASV or EPORT. Copyright ViagĂ©nie 2009 15
16.
ALGs â
SIP transition plan is to use ICE and TURN. [draft-ietf-sipping-v6-transition] â IPvX-only client asks TURN server for both IPv4 and IPv6 address allocations. â TURN server relays between IPv4 and IPv6. â This method could be applicable to many other protocols. â URLs with IPv4 address literals â 2.38% of Alexa's top 1 million websites contain them. â HTTP proxy is more resource-intensive than NAT64. â Workaround: proxy auto-config file with regular expression. [draft-wing-behave-http-ip-address-literals] Copyright ViagĂ©nie 2009 16
17.
Deployment â
Scaling â Same mechanisms as NAT44 â Cold standby, hot standby (e.g. VRRP) â Synchronizing state (e.g. pfsync) â See e.g. [draft-xu-behave-nat64-standby] â DNS64-based load balancing â Multiple NAT64 boxes, each with its own Pref64::/n. â Sems to be safe: â Choose a Pref64::/n based on DNS query destination address. â Seems to not be so safe: â Choose a Pref64::/n based on DNS query source address. Copyright ViagĂ©nie 2009 17
18.
Deployment â
From [draft-ietf-behave-v6v4-framework]: As a general rule, a simple operational recommendation will work around many application issues, which is that there should be a server in each domain or an instance of the server should have an interface in each domain NAT64 DNS64 SMTP MTA IPv4 Internet IPv6 Network SIP proxy Client Copyright Viagénie 2009 18 ... Server
19.
Ecdysis: Open-Source
DNS64 and NAT64 â Funded by NLnet and ViagĂ©nie. â Ecdysis refers to the molting of the cuticula in arthropods, as an analogy of IPv4 molting into IPv6. After molting, the arthropod is fresh and ready to grow! Arthropods is also the expertise of the 5 years old son of one of the project leads... Copyright ViagĂ©nie 2009 19
20.
Ecdysis: Open-Source
DNS64 and NAT64 â Three open-source implementations of DNS64 â A stand-alone implementation written in Perl for experimentation purposes. â A patch for Bind. â A patch for Unbound. â Available now at http://ecdysis.viagenie.ca â Three open-source implementations of NAT64 â A stand-alone implementation using libpcap for experimentation purposes. â A patch for OpenBSD's pf. â A patch for Linux's Netfilter (iptables). â Available soon... Copyright ViagĂ©nie 2009 20
21.
Implementation
Considerations â The âgood NATâ behavior is different from that of pf and Netfilter. Needs separate state data structures. â NAT64 changes the whole headers at once. pf works in two separate phases: destination first, then source. â Can't fit in the translation model pf is based on. â Unbound is modular, Bind is monolithic. â Found issue with TTL of synthetic AAAA records. Solution now part of the spec. â TTL(synth. AAAA) = min( TTL(A), TTL(SOA) ) â IPv4 access for DNS64 server not needed. â Is this useful? Maybe not. Copyright ViagĂ©nie 2009 21
22.
Conclusion â
NAT64 is a part of your IPv6 transition toolbox. â Don't over-engineer it. It's only for transition. Copyright ViagĂ©nie 2009 22
23.
Questions?
simon.perreault@viagenie.ca This presentation: http://www.viagenie.ca/publications/ References â Open-source DNS64 and NAT64: http://ecdysis.viagenie.ca â NAT64: [draft-ietf-behave-xlate-stateful] â DNS64: [draft-ietf-behave-dns64] Copyright ViagĂ©nie 2009 23
Jetzt herunterladen