Tuesday, July 29, 2008

Interconnecting IPv6 and IPv4 networks with NAT-PT

A modified version of the previous Lab include a pure IPv6 Link between CON7 and CON8, and CON8 acting as NAT-PT for interconnecting the IPv6 networks into the existing IPv4 cloud.
Here the modified scenario:


As usual, first i read Cisco official documentation ( http://www.cisco.com/en/../ip6-nat_trnsln_ps6350_TSD_Products_Configuration_Guide_Chapter.html ) and then the configuration follows.

Lol! my CON8 doesn't support NAT-PT! It's a poor 1841 without advanced enterprise image! ;-(

However, i added the Serial 0/0/0 link configuration and OSPFv3 as follows:

CON7#
interface Serial0/0/0
description Link CON7 <-> CON8
no ip address
ipv6 address 2001:ABCD::FFFF/64
ipv6 ospf 1 area 0
no fair-queue
clock rate 800000
!
ipv6 router ospf 1
router-id 172.32.100.4
log-adjacency-changes
redistribute static metric 20 metric-type 1 tag 567

CON8#
interface Serial0/0/0
description Link CON8 <-> CON7
no ip address
ipv6 address 2001:ABCD::1/64
ipv6 ospf 1 area 0
!
ipv6 router ospf 1
router-id 172.31.100.3
log-adjacency-changes

So no static routes on CON8, but a beautiful OSPFv3, on CON7 i redistribute static routes, so CON8 can reach CON5 and CON6 ;-)
For full connectivity with IPv6 networks, i just added a default IPv6 route on CON5 and CON6 pointing to CON7 Tun0 address:

CON5# and CON6#
ipv6 route ::/0 2002:AC20:6404:1::1

That's all i can configure, but from cisco docs, my config will be a NAT-PT / PAT with a single fixed IPv4 address for translation...
something like this... (from Cisco docs)

SUMMARY STEPS

1. enable

2. configure terminal

3. ipv6 nat v6v4 source {list access-list-name | route-map map-name} pool name overload

or

ipv6 nat v6v4 source {list access-list-name | route-map map-name} interface interface name overload

4. ipv6 nat v6v4 pool name start-ipv4 end-ipv4 prefix-length prefix-length

5. ipv6 nat translation [max-entries number] {timeout | udp-timeout | dns-timeout | tcp-timeout | finrst-timeout | icmp-timeout} {seconds | never}

6. ipv6 access-list access-list-name

7. permit {protocol} {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator [port-number]] {destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address}


No comments: