I'm trying to get NAT-PT using v4-mapped to work with overload. The following works:
ipv6 route ::/0 2000::1
ipv6 nat v6v4 source list v4-map-list pool v4NATpool
ipv6 nat v6v4 pool v4PATpool 192.168.178.100 192.168.178.100 prefix-length 24
ipv6 nat v6v4 pool v4NATpool 192.168.178.101 192.168.178.110 prefix-length 24
ipv6 nat prefix 2001::/96 v4-mapped v4-map-list
!
ipv6 access-list v4-map-list
permit ipv6 any 2001::/96
The following does not:
ipv6 route ::/0 2000::1
ipv6 nat v6v4 source list v4-map-list pool v4PATpool overload
ipv6 nat v6v4 pool v4PATpool 192.168.178.100 192.168.178.100 prefix-length 24
ipv6 nat v6v4 pool v4NATpool 192.168.178.101 192.168.178.110 prefix-length 24
ipv6 nat prefix 2001::/96 v4-mapped v4-map-list
!
ipv6 access-list v4-map-list
permit ipv6 any 2001::/96
When debug ipv6 nat det is turned on the overloaded config gets:
R11#debug ipv6 nat det
IPv6 NAT-PT detailed debugging is on
R11#
*Mar 1 00:06:15.651: IPv6 NAT: address allocated 192.168.178.100
*Mar 1 00:06:15.651: IPv6 NAT: Dropping v6tov4 packet
*Mar 1 00:06:16.667: IPv6 NAT: address allocated 192.168.178.100
*Mar 1 00:06:16.671: IPv6 NAT: Dropping v6tov4 packet
*Mar 1 00:06:17.675: IPv6 NAT: address allocated 192.168.178.100
*Mar 1 00:06:17.675: IPv6 NAT: Dropping v6tov4 packet
*Mar 1 00:06:18.667: IPv6 NAT: address allocated 192.168.178.100
*Mar 1 00:06:18.667: IPv6 NAT: Dropping v6tov4 packet
*Mar 1 00:06:19.675: IPv6 NAT: address allocated 192.168.178.100
*Mar 1 00:06:19.675: IPv6 NAT: Dropping v6tov4 packet
Remove overload, and it works just fine:
R11(config)#no ipv6 nat v6v4 source list v4-map-list pool v4PATpool overload
R11(config)#ipv6 nat v6v4 source list v4-map-list pool v4NATpool
R11(config)#end
R11#
*Mar 1 00:06:54.687: %SYS-5-CONFIG_I: Configured from console by console
*Mar 1 00:06:58.411: IPv6 NAT: address allocated 192.168.178.101
*Mar 1 00:06:58.411: IPv6 NAT: icmp src (2000::1) -> (192.168.178.101), dst (2001::C0A8:B208) -> (192.168.178.8)
*Mar 1 00:06:59.411: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 2, rt_flags = 0,
more_flags = 0
*Mar 1 00:06:59.411: IPv6 NAT: icmp src (2000::1) -> (192.168.178.101), dst (2001::C0A8:B208) -> (192.168.178.8)
*Mar 1 00:06:59.427: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 2, rt_flags = 0,
more_flags = 0
*Mar 1 00:06:59.463: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 2, rt_flags = 0,
more_flags = 0
*Mar 1 00:06:59.463: IPv6 NAT: icmp src (2000::1) -> (192.168.178.101), dst (2001::C0A8:B208) -> (192.168.178.8)
*Mar 1 00:06:59.475: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 2, rt_flags = 0,
more_flags = 0
*Mar 1 00:06:59.483: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 2, rt_flags = 0,
more_flags = 0
*Mar 1 00:06:59.483: IPv6 NAT: icmp src (2000::1) -> (192.168.178.101), dst (2001::C0A8:B208) -> (192.168.178.8)
*Mar 1 00:06:59.491: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 2, rt_flags = 0,
more_flags = 0
*Mar 1 00:06:59.507: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 2, rt_flags = 0,
more_flags = 0
*Mar 1 00:06:59.507: IPv6 NAT: icmp src (2000::1) -> (192.168.178.101), dst (2001::C0A8:B208) -> (192.168.178.8)
*Mar 1 00:06:59.515: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 2, rt_flags = 0,
more_flags = 0
Has anyone gotten this to work? It'd be nice to have all the incoming IPv6 connections overloaded onto on IP address, and use v4-mapped to avoid lengthy batteries of destination entries and keep the router config short and simple.
Any info will help.
Thanks,
John
