Source:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/nat-xe-3s-book/iadnat-stateful-nat64.pdf
 |
| NAT64 topology |
HOSTS
VPCS> set pcname ipv4
ipv4> ip 10.0.0.2/24 10.0.0.1
ipv4> show ip
NAME : ipv4[1]
IP/MASK : 10.0.0.2/24
GATEWAY : 10.0.0.1
!
ipv4> ping 10.0.0.1
10.0.0.1 icmp_seq=1 timeout
84 bytes from 10.0.0.1 icmp_seq=2 ttl=255 time=3.623 ms
84 bytes from 10.0.0.1 icmp_seq=3 ttl=255 time=1.647 ms
VPCS> set pcname ipv6
ipv6> ip 2001:DB8:1::2/96 2001:DB8:1::1
ipv6> show ipv6
ipv6> show ipv6
NAME : ipv6[1]
LINK-LOCAL SCOPE : fe80::250:79ff:fe66:680b/64
GLOBAL SCOPE : 2001:db8:1::2/96
!
ipv6> ping 2001:db8:1::1
2001:db8:1::1 icmp6_seq=1 ttl=64 time=2.936 ms
2001:db8:1::1 icmp6_seq=2 ttl=64 time=1.619 ms
ROUTER NAT64
2001:DB8:1::1/96 network range
2001:0db8:0001:0000:0000:0000:0000:0000-
2001:0db8:0001:0000:0000:0000:ffff:ffff
hostname NAT64
ipv6 unicast-routing
!
interface Gi0/1
description -=interface facing ipv6
no sh
no ip address
ipv6 address 2001:DB8:1::1/96
ipv6 enable
nat64 enable
!
interface Gi0/0
description -=interface facing ipv4
no sh
ip address 10.0.0.1 255.255.255.0
nat64 enable
!
NAT64 static:
!
! The Stateful NAT64 translator translates the source IP address to IPv6 by using the Stateful NAT64 prefix (if a stateful prefix is configured)
! or the Well Known Prefix (WKP) (if a stateful prefix is not configured).
! nat64 prefix stateful 3001::/96
! nat64 prefix stateful 2001:DB8:1::1/96
! if not configured:
Router#show nat64 prefix stateful global
Global Stateful Prefix: 64:FF9B::/96
! if it is received an IPv4 packet with destination 10.0.0.3 will translated to 2001:DB8:1::2
nat64 v6v4 static 2001:DB8:1::2 10.0.0.3
NAT64 dynamic example:
!
! Dynamically translates an IPv6 source address to an IPv6 source address
! and an IPv6 destination address to an IPv4 destination address for NAT64.
Device(config)# nat64 prefix stateful 2001:DB8:1::1/96
Device(config)# ipv6 access-list nat64-acl
Device(config-ipv6-acl)# permit ipv6 2001:DB8:2::/96 any
! nat64 v4 pool <pool-name> <start-ip-address> <end-ip-address>
Device(config)# nat64 v4 pool pool1 209.165.201.1 209.165.201.254
Device(config)# nat64 v6v4 list nat64-acl pool pool1
NAT64 check:
NAT64# debug ip icmp
NAT64# debug ipv6 icmp
ipv4> ping 10.0.0.3
84 bytes from 10.0.0.3 icmp_seq=1 ttl=62 time=2.954 ms
19:52:31.123645 10.0.0.2 ICMP 10.0.0.3 Echo (ping) request id=0x5f2e, seq=1/256, ttl=64 (reply in 4) ICMP
19:52:31.133602 10.0.0.3 ICMP 10.0.0.2 Echo (ping) reply id=0x5f2e, seq=1/256, ttl=62 (request in 3) ICMP
ipv6>
19:50:06.834964 64:ff9b::a00:2 ICMPv6 2001:db8:1::2 Echo (ping) request id=0xce2d, seq=1, hop limit=63 (reply in 4)
19:50:06.835044 2001:db8:1::2 ICMPv6 64:ff9b::a00:2 Echo (ping) reply id=0xce2d, seq=1, hop limit=63 (request in 3)
Global Stateful Prefix: 64:FF9B::/96
nat64 v6v4 static 2001:DB8:1::2 10.0.0.3
host 'ipv4' can reach host 'ipv6' by IP=10.0.0.3
Steps host 'ipv4' pings host 'ipv6':
1) host 'ipv4' send: s:10.0.0.2 d:10.0.0.3
2) ROUTER NAT64 translate: s:10.0.0.2 d:10.0.0.3 => s:64:ff9b::a00:2 d:2001:DB8:1::2
3) host ipv6 receive: s:64:ff9b::a00:2 d:2001:DB8:1::2
show nat64 translations
show nat64 statistics
NAT64#show nat64 translationsProto Original IPv4 Translated IPv4
Translated IPv6 Original IPv6
--------------------------------------------------------
icmp 10.0.0.2:40753 [64:FF9B::A00:2]:40753
10.0.0.3:40753 [2001:DB8:1::2]:40753
icmp 10.0.0.2:41009 [64:FF9B::A00:2]:41009
10.0.0.3:41009 [2001:DB8:1::2]:41009
--- --- ---
10.0.0.3 2001:DB8:1::2
Total number of translations: 3
NAT64#
NAT64#show nat64 statisticsNAT64 Statistics
Number of NAT64 enabled interfaces: 2
Number of packets translated by stateless NAT64:
Packets translated (IPv4 -> IPv6): 0
Packets translated (IPv6 -> IPv4): 0
Number of packets translated by stateful NAT64:
Packets translated (IPv4 -> IPv6): 13
Packets translated (IPv6 -> IPv4): 17
Number of packets translated by MAP-T:
Packets translated (IPv4 -> IPv6): 0
Packets translated (IPv6 -> IPv4): 0
Number of packets processed by MAP-E:
Packets processed (IPv4 -> IPv6): 0
Packets processed (IPv6 -> IPv4): 0
Global Statistics
Prefix: 64:FF9B::/96
Packets translated (IPv4 -> IPv6): 12
Packets translated (IPv6 -> IPv4): 1
Packets dropped: 0
Interface Statistics
Total active translations: 1(1 static, 0 dynamic,0 extended)
Active sessions: 2
Number of expired entries: 29
Number of packets:
CEF Translated: 15 CEF Punted packets: 10
Dropped: 29
Hits: 18 Misses: 41
Dynamic Mapping Statistics
Limit Statistics
Maximum entries limit not configured
NAT64#