I am trying to configure an IPv6 only LAN (a small test setup which comprises of few devices)
Wish list -
1. Router should take IPv4 from DHCP (currently working)
2. Router should work as DHCPv6 Server (Currently working)
3. IPv6 only devices should be able to access internet using NAT64 feature configured on 1921. (Not Working)
Addition points -
I had done a static v6v4 entry for IPv4 DNS server mapped to a DNS IPv6.
Network Diagram - Attached
Router Running Config - Attached.
Can someone please verify the running config and suggest the part I am missing.
From my own notes on configuring a csr1000v your config looks good aside from you using a /96 netmask for the user VLAN. Try changing it to a /64:
! ipv6 dhcp pool IPv6 no address prefix 4001::/96 address prefix 4001::/64 ! interface GigabitEthernet0/1 no ipv6 address 4001::1/96 ipv6 address 4001::1/64 ! ipv6 access-list ACLv6 no permit ipv6 4001::/96 any permit ipv6 4001::/64 any !
I was using /64 earlier and it was not working then I went through some Cisco docs whic suggested that for NAT-PT & 64 it has to be (128-32=96) /96
I changed it /96 and still the status is same.
The /96 prefix is only required when an IPv4 address is being append. Your DNS64 server when about to return an A record, should append the IPv4 address to 2001::/96 and return an AAAA record
This address is then correctly identified by the router for NAT64 translation.
In the following example, 2001:0:0:faff::/96 is my NAT64 prefix:
root@nat64:~# nslookup > www.bbc.co.uk Server: 2001:0:0:fa12::2 Address: 2001:0:0:fa12::2#53 Non-authoritative answer: www.bbc.co.uk canonical name = www.bbc.net.uk. Name: www.bbc.net.uk Address: 22.214.171.124 Name: www.bbc.net.uk Address: 126.96.36.199 > set type=aaaa > www.bbc.co.uk Server: 2001:0:0:fa12::2 Address: 2001:0:0:fa12::2#53 Non-authoritative answer: www.bbc.co.uk canonical name = www.bbc.net.uk. www.bbc.net.uk has AAAA address 2001:0:0:faff::d43a:f65a www.bbc.net.uk has AAAA address 2001:0:0:faff::d43a:f65b
d43a:f65a and d43a:f65b are 188.8.131.52 and 184.108.40.206 in hex.
All other user VLANs should adhere to the rule of /64 prefix length.
This is the page I followed to get a working setup:
Have you tried troubleshooting your NAT64 setup. Does it for example return a AAAA record for www.bbc.co.uk ?