Basic principles of NAT64
Today we give an overview of NAT64.
NAT (Network Address Translation) was proposed in 1994 and is defined in RFC 1631. It is used when hosts in a private network have been assigned local IP addresses but need to communicate with hosts on the Internet. The original purpose of NAT is similar to that of CIDR: to slow the exhaustion of the available IP address space. It does this by using a small number of public IP addresses to represent a large number of private IP addresses. Over time, people have found that NAT is also very useful for network migration, network convergence, and server load sharing.
IPv4 was first created in the 1970s, earlier than the current Internet, earlier than the World Wide Web, earlier than always-on broadband service, and earlier than smartphones. When it was created, IPv4's 4.3 billion addresses were more than ample for the small experimental TCP/IP network they had to support, but the number of people connected to the Internet has since exceeded 3.2 billion, and a large number of other devices are connected as well.
No matter what scale the IoT reaches in the future, the current 4.3 billion addresses are far from meeting the demand. From a capacity perspective, we ran out of IPv4 addresses in the mid-1990s. We have simply used many techniques to stretch the available IPv4 addresses to serve an Internet of Things that far exceeds the capacity of the IPv4 address space.
So IPv6 is necessary, but there are still many difficulties before the transition to IPv6 networks can be completed.
1. The Internet lacks centralized management and is an alliance of a large number of independently managed autonomous systems, so there is no way to force or coordinate everyone to switch from IPv4 to IPv6.
2. Making a network fully support IPv6 requires a lot of money, manpower and technology.
3. IPv6 and IPv4 are not backward compatible. IPv6 was first born in the 1990s. At that time, designers believed that operators would definitely actively deploy IPv6. Few people thought that IPv6 deployment would face many obstacles.
NAT64 is a stateful network address and protocol translation technology. By default it only supports connections initiated from the IPv6 side to reach IPv4 network resources. However, NAT64 also supports manually configured static mappings, so that hosts on the IPv4 network can initiate connections to hosts on the IPv6 network.
Although most devices now support IPv6, there are still many older devices that only support IPv4. These devices need to be interconnected through an IPv6 network in some way. NAT64 translates network addresses and protocols between IPv6 and IPv4 for TCP, UDP, and ICMP.
And because IPv6 is not compatible with IPv4, there must be necessary migration mechanisms, such as dual stack, tunneling, and conversion.
1. Dual-stack interface: The simplest way to maintain the coexistence of IPv4 and IPv6 is to configure two protocols for the interface. Which version of the IP protocol is used depends on the version of the data packet received from the device or the type of address returned by DNS when querying the device address. Although dual stack is an expected migration method from IPv4 to IPv6, the premise is that the migration process must be completed before IPv4 addresses are exhausted.
2. Tunnel: Tunneling also solves the coexistence problem. A tunnel allows devices or sites of one protocol version to traverse a network segment of the other protocol version (including the Internet), so that two IPv4 devices or sites can exchange IPv4 packets through an IPv6 network, and two IPv6 devices or sites can exchange IPv6 packets through an IPv4 network.
3. Conversion: The conversion technology changes the packet header of one protocol version to the packet header of another protocol version, thus solving the interoperability problem between IPv4 devices and IPv6 devices.
In a simple NAT64 setup, a gateway device has two interfaces, one connected to the IPv4 network and the other to the IPv6 network. Traffic from the IPv6 network is routed through the gateway, which performs all the necessary translation of the packets transmitted between the two networks. However, this translation is not symmetric: because the IPv6 address space is much larger than the IPv4 address space, a one-to-one address mapping is impossible.
Generally speaking, NAT64 is designed to be used when IPv6 hosts initiate communication. But there are also some mechanisms that allow reverse scenarios, such as static address mapping.
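The following is an added example, not part of the original article: a toy model of the stateful binding table described above, showing why IPv6-initiated sessions work while unsolicited IPv4 packets are dropped unless a static mapping exists. It assumes the RFC 6052 well-known prefix 64:ff9b::/96 and a single IPv4 pool address, matches inbound packets on protocol and destination port only, and the class and method names are hypothetical.

```python
import ipaddress

# Assumption: RFC 6052 well-known prefix 64:ff9b::/96; the page names no prefix.
PREFIX = ipaddress.IPv6Network("64:ff9b::/96")

class Nat64:
    """Toy stateful NAT64: one IPv4 pool address, per-protocol port bindings."""

    def __init__(self, pool_addr, first_port=1024):
        self.pool_addr = str(ipaddress.IPv4Address(pool_addr))
        self.next_port = first_port
        self.by_v6 = {}    # (proto, v6 addr, v6 port) -> pool port
        self.by_port = {}  # (proto, pool port) -> (v6 addr, v6 port)

    def add_static(self, proto, v6_addr, v6_port, pool_port):
        """Manual mapping: lets the IPv4 side open sessions to this IPv6 host."""
        v6 = str(ipaddress.IPv6Address(v6_addr))
        self.by_v6[(proto, v6, v6_port)] = pool_port
        self.by_port[(proto, pool_port)] = (v6, v6_port)

    def outbound(self, proto, src6, sport, dst6, dport):
        """IPv6 -> IPv4. Returns (src4, sport4, dst4, dport) or None."""
        dst = ipaddress.IPv6Address(dst6)
        if dst not in PREFIX:
            return None  # not addressed to the translator
        key = (proto, str(ipaddress.IPv6Address(src6)), sport)
        if key not in self.by_v6:
            # Many IPv6 sources share one IPv4 address, so state is required.
            while (proto, self.next_port) in self.by_port:
                self.next_port += 1
            if self.next_port > 65535:
                raise RuntimeError("IPv4 port pool exhausted")
            self.by_v6[key] = self.next_port
            self.by_port[(proto, self.next_port)] = key[1:]
        dst4 = ipaddress.IPv4Address(int(dst) & 0xFFFFFFFF)  # low 32 bits
        return (self.pool_addr, self.by_v6[key], str(dst4), dport)

    def inbound(self, proto, src4, sport, dport4):
        """IPv4 -> IPv6. Returns (src6, sport, dst6, dport6), or None to drop."""
        hit = self.by_port.get((proto, dport4))
        if hit is None:
            return None  # no dynamic binding and no static entry
        src6 = PREFIX.network_address + int(ipaddress.IPv4Address(src4))
        return (str(src6), sport, hit[0], hit[1])
```

Each static entry is a port on the pool address that the IPv4 side can reach at any time, so static mappings deserve the same review as any other inbound firewall rule.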
Not every type of resource can be accessed with NAT64. Protocols with embedded IPv4 literal addresses (such as SIP and SDP, FTP, WebSocket, Skype, MSN, etc.) cannot be supported. For SIP and FTP, the application layer gateway (ALG) technology can solve the problem. Up to now, NAT64 is not a good solution. The current limitations of NAT64 are as follows:
1. Without static address mapping entries, IPv4 devices are not allowed to initiate session requests to IPv6 devices;
2. The software has limited support for NAT64;
3. Like all other converters, IP multicast is not supported;
4. Many applications do not support it.