[arin-ppml] 464: was (Re: IPv6 adoption, map-encap for IPv4?)
Alain Durand
alain_durand at cable.comcast.com
Fri Jun 13 12:30:59 EDT 2008
On 6/13/08 11:49 AM, "Robin Whittle" <rw at firstpr.com.au> wrote:
> Hi Alain,
>
> I read your Internet Draft a couple of weeks ago:
>
> http://tools.ietf.org/html/draft-durand-v6ops-natv4v6v4-01
>
> but couldn't easily find your presentations. Please let me know
> where they are.
I'll send you a private copy of the latest slide deck.
> I assume 464 involves multiple customers sharing a remote NAT box
> with a single public IPv4 address. I understand the primary
> motivation here is to eliminate the current requirement that each
> customer's DSL or DOCSIS service have its own public IPv4 address.
Correct.
> Does each user PC get a link to the remote NAT box, meaning each PC
> experiences a single layer of NAT to the IPv4 Internet?
>
> Or does the home modem operate as a NAT box in some way for IPv4,
> and that NAT box gets a link through 464 to another remote NAT box
> which actually has a public IPv4 address?
The idea is that the home gateway will be provisioned on the WAN with only
IPv6 and will run DHCPv4 with 192.168.0.0 on the LAN side.
Now, instead of translating outgoing IPv4 packets, it will forward them
unchanged inside of an IPv6 tunnel which endpoint is somewhere within the
service provider network. That endpoint will decapsulate the packet and
translate the original IPv4 packet to use a global IPv4 source address. Of
course, that carrier grade NAT will have to use the IPv6 tunnel src address
as part of its mapping table instead of the IPv4 address of the original
packet.
That way, there is effectively only one level of NAT. Manual port forwarding
cannot be supported, of course. We are now studying what is the impact on
p2p protocols and uPNP.
Note: It is actually possible to run a 464 client on a stand alone device
(ie not behind a home gateway) that is connected only with IPv6. That device
pick up any random or well know IPv4 src address (even 127.0.0.1 could
work), figure out the IPv4 destination (resolve A records over IPv6 DNS),
and ship the packet over the 464 tunnel. That way, you can run v4 apps,
browse the v4 Internet, all that on a v6-only configured device...
- Alain.
More information about the ARIN-PPML
mailing list