cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4315
Views
5
Helpful
2
Replies
Highlighted
Beginner

Is NAT66 now supported ?

Hi !

I just got one question !

Is now NAT66 supported on Cisco routers like advance entreprise ?

I read than they implemant it in ASA routers, but i don't get one ^^'.

Thx

2 REPLIES 2
Highlighted
Cisco Employee

NAT66 is now called NPTv6 (Network Prefix Translation) since people hate NAT so much.

NPTv6 is much more scalable than NAT since it is stateless, so it got a new name to encourage people to take a second look at it.

You can look up the feature by name with Feature Navigator, http://www.cisco.com/go/fn or with your favorite search engine.

A good independent primer is here:

http://www.howfunky.com/2012/02/ipv6-to-ipv6-network-prefix-translation.html

Highlighted

No, NAT66 is not called NPTv6: NAT66 and NPTv6 are simply not the same . NAT66 can solve problems that NPTv6 can not, since NAT66 is stateful and is not only a translation of the prefix, it is a translation of the whole destination address.

 

NAT66 can handle use-cases that IPv4 NAT can handle and that NPTv6 can no longer handle. Here is an example:

1- you have a production service running on host IPv6-A, and you want to migrate this service to a new version, running on host IPv6-B, in the same data center;

3- so, you want to first test the new service only for users of some of your sites.

4- Therefore, the new service may have the same prefix, so NATPTv6 is useless for this use case.

5- Moreover, you need to create a rule on one of your internal routers that converts IPv6-A destination addresses to IPv6-B destination addresses, but this rule must only be applied for packets matching the IPv6 source addresses of your test sites.

- Finally, you need a stateful protocol, because the packets coming back from the new server must have their source IP modified to match the IPv6 address of the current service (not doing that would make the packets rejected by the client hosts of the service).

 

 

As a global rule, NPTv6 is here to do the job that Source NAT does in the IPv4 world, and NAT66 can do the job that Destination NAT does in the IPv4 world.

 

@Phillip Remaker wrote:

NAT66 is now called NPTv6 (Network Prefix Translation) since people hate NAT so much.

 

NPTv6 is much more scalable than NAT since it is stateless, so it got a new name to encourage people to take a second look at it.

Content for Community-Ad
This widget could not be displayed.