cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2587
Views
0
Helpful
3
Replies
Pawan Sharma
Beginner

Internet Access on IPv6 Only LAN with NAT64

Hi, 

I am trying to configure an IPv6 only LAN (a small test setup which comprises of few devices) 

 

Wish list - 

1. Router should take IPv4 from DHCP (currently working)

2. Router should work as DHCPv6 Server (Currently working)

3. IPv6 only devices should be able to access internet using NAT64 feature configured on 1921. (Not Working)

Addition points - 

I had done a static v6v4 entry for IPv4 DNS server mapped to a DNS IPv6.

 

Network Diagram - Attached

Router Running Config - Attached.

 

Can someone please verify the running config and suggest the part I am missing. 

 

Thanks

Regards,
Pawan Sharma
https://itgears.io
3 REPLIES 3
Seb Rupik
VIP Advisor

Hi there,

From my own notes on configuring a csr1000v your config looks good aside from you using a /96 netmask for the user VLAN. Try changing it to a /64:

 

!
ipv6 dhcp pool IPv6
 no address prefix 4001::/96
 address prefix 4001::/64
!
interface GigabitEthernet0/1
 no ipv6 address 4001::1/96
 ipv6 address 4001::1/64
!
ipv6 access-list ACLv6
 no permit ipv6 4001::/96 any
 permit ipv6 4001::/64 any
!

 

cheers,

Seb.

Hi, 

 

I was using /64 earlier and it was not working then I went through some Cisco docs whic suggested that for NAT-PT & 64 it has to be (128-32=96) /96

I changed it /96 and still the status is same. 

 

Regards,

Regards,
Pawan Sharma
https://itgears.io

The /96 prefix is only required when an IPv4 address is being append. Your DNS64 server when about to return an A record, should append the IPv4 address to 2001::/96 and return an AAAA record

This address is then correctly identified by the router for NAT64 translation.

In the following example, 2001:0:0:faff::/96 is my NAT64 prefix:

root@nat64:~# nslookup
> www.bbc.co.uk
Server: 2001:0:0:fa12::2
Address: 2001:0:0:fa12::2#53


Non-authoritative answer:
www.bbc.co.uk canonical name = www.bbc.net.uk.
Name: www.bbc.net.uk
Address: 212.58.246.90
Name: www.bbc.net.uk
Address: 212.58.246.91
> set type=aaaa
> www.bbc.co.uk
Server: 2001:0:0:fa12::2
Address: 2001:0:0:fa12::2#53

Non-authoritative answer:
www.bbc.co.uk canonical name = www.bbc.net.uk.
www.bbc.net.uk has AAAA address 2001:0:0:faff::d43a:f65a
www.bbc.net.uk has AAAA address 2001:0:0:faff::d43a:f65b

 

d43a:f65a and d43a:f65b are 212.58.246.90 and 212.58.246.90 in hex.

 

All other user VLANs should adhere to the rule of /64 prefix length.

 

This is the page I followed to get a working setup:

http://docwiki.cisco.com/wiki/IPv6_only_setup_with_NAT64

 

Have you tried troubleshooting your NAT64 setup. Does it for example return a AAAA record for www.bbc.co.uk ?

 

cheers,

Seb.