ipv6

Postings may contain unverified user-created content and change frequently. The content is provided as-is andis not warrantied by Cisco.

1

IPv6 Stateful NAT64 Configuration Example

Introduction Requirements Background Topology Diagram

Summary Steps Configuration Verify Commands Show nat64

mappings static Show nat64 adjacency ipv6 Show nat64 prefix

stateful Show nat64 statistics References

Introduction

Stateful NAT64 is a Network Address Translation mechanism for translating IPv6 addressesto IPv4 addresses, and IPv4 addresses to IPv6 addresses. Like NAT44, it is called stateful because it creates or modifies bindings or session state while performing translation.It supports both IPv6-initiated and IPv4-initiated communications using static or manualmappings. In this document, stateful NAT64 uses static IPv6 to IPv4 mapping for addresstranslations.

Requirements

• Understanding of IPv6 Addressing Scheme• Understanding NAT64

Background

In this configuration example, routers R1,R2 and R3 are connected via fast Ethernetinterface.Loopback addresses are configured to generate networks.



2

The router R1 is IPv6only router which runs RIPv6 with the ASR (Router R2).Similarly therouter R3 is IPv4 only router that uses OSPF to communicate with the ASR. The networkaddress translations happen in ASR router using static IPv6 to IPv6 mappings.

Note: All configurations are tested in a lab environment on Cisco 2800 Routers operating onCisco IOS 15.2 and ASR operating on Cisco IOS-XE 15.1(3)S4version.

Topology Diagram

https://supportforums.cisco.com/servlet/JiveServlet/showImage/102388/updatednwdiag.JPG



3

Summary Steps

NAT64 Interface Configuration

1. ipv6 address <Specify an IPv6 address>2. nat64 enable3. exit

NAT64 Mapping Configuration

1. enable2. configure terminal3. nat64 prefix stateful <prefix>

Note: The above command enables the router to translate the source IP address to IPv6 byusing the Stateful NAT64 prefix

4. nat64 v6v4 <static> <ipv6-address ipv4-address>

5. exit

Configuration

Router R1

IPv6 Only Router

Router R2

ASR Router

Router R3

IPv4 Only Router

IPv6 Only_Router R1#showrun

Building configuration...

!

ASR Router R2#show run


IPv4 Only_router R3#showrun


!

version 15.2



4

version 15.2

!

hostname IPv6 Only_Router R1

!

!

ip cef

ipv6 unicast-routing

ipv6 cef

!

!

interface Loopback0

no ip address

ipv6 address AB00::1/128

ipv6 rip RIP enable

!

interface Loopback1

no ip address

ipv6 address AB01::1/128

ipv6 rip RIP enable

!

interface FastEthernet0/0

duplex auto

speed auto

ipv6 address 2001::A00:A/128

ipv6 rip RIP enable

!

!

ipv6 router rip RIP

!

!

end

!

version 15.1

!

hostname ASR Router R2

!

!


!

!

interface Loopback0

no ip address

ipv6 address BB10::1/128

!

interface Loopback1

ip address 2.2.2.2255.255.255.255

!

!

interface FastEthernet0/2/6

ip address 10.0.0.2255.255.255.0

negotiation auto

nat64 enable

!

interface FastEthernet0/2/7

no ip address

negotiation auto

ipv6 address2001::A00:B/128

ipv6 rip RIP enable

ipv6 rip RIP default-information only

nat64 enable

!

hostname IPv4 Only_routerR3

!

ip cef


ipv6 cef

multilink bundle-nameauthenticated

!

!

!

interface Loopback0

ip address 1.1.1.1255.255.255.255

!

interface Loopback1

ip address 1.1.1.2255.255.255.255

!

interface FastEthernet0/0

ip address 10.0.0.1255.255.255.0

duplex auto

speed auto

!

!

router ospf 1

network 1.1.1.1 0.0.0.0area 1

network 1.1.1.2 0.0.0.0area 0

network 10.0.0.0 0.0.0.255area 0



5

!

!

router ospf 1

network 2.2.2.2 0.0.0.0area 1

network 10.0.0.0 0.0.0.255area 0

!

!

ipv6 router rip RIP

!

!

!

nat64 prefix stateful3001::/96

nat64 v6v4 static2001::A00:A 10.0.0.10

!

end

!

!

end

Verify Commands

Verifying Connectivity Using Ping Command

To verify whether the router R3 (IPv4 only network) is able to reach the router R1(IPv6 onlynetwork), use the ping command and verify the translations that happen by debug ipv6icmp.



6

In router R3

Try ping router R1(IPv6 only network)which is represented by the IPv4 address 10.0.0.10.Enable debug ip icmp on router R3 and in router R1(IPv6 only network) enable debug ipv6icmp

R3#debug ip icmp

ICMP packet debugging is on

R1#debug ipv6 icmp

ICMP Packet debugging is on

R3#ping 10.0.0.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

R3#

*Sep 8 09:56:22.451: ICMP: echo reply rcvd, src 10.0.0.10, dst 10.0.0.1, topologyBASE, dscp 0 topoid 0







7

R1#

*Sep 8 10:48:51.499: ICMPv6: Received echo request, Src=3001::A00:1,Dst=2001::A00:A

*Sep 8 10:48:51.499: ICMPv6: Sent echo reply, Src=2001::A00:A, Dst=3001::A00:1









From the above debug output, you can see that the router R3(IPv4 only Router) is able toreach the router R1(IPv6 only router) using the static IPv4 address that we have assignedi.e.using 10.0.0.10

Similarly the router R1(IPv6 only router) debug output shows that the ICMP request isreceived from 3001::A00:1 which is nothing but the IPv4 address 10.0.0.1 when convertedto hexadecimal becomes A00:1 and is added to the prefix 3001::/.In other words the IPv4address 10.0.0.1 is translated to 3001::A00:1 when reaching the IPv6 enabled network.

The following show commands can be used to see NAT64 translations that happen in ASRrouter



8

Show nat64 mappings static

To display the information about the Network Address Translation 64 (NAT64) staticmappings, use this command.

ASR Router R2#show nat64 mappings staticStatic mappings configured: 1Direction Protocol Address (Port, if any) Non-key Address (Port, if any)v6v4 --- 2001::A00:A 10.0.0.10

Show nat64 adjacency ipv6

This command displays the information about the Network Address Translation 64 (NAT64)managed adjacencies.

ASR Router R2#show nat64 adjacency ipv6

Adjacency Counts

Stateless Prefix Adjacencies: 0

Stateless Prefix Adjacency Ref Count: 0

v4v6 Stateless Prefix Adjacencies: 0

v4v6 Stateless Prefix Adjacency Ref Count: 0

v6v4 Stateless Prefix Adjacencies: 0

v6v4 Stateless Prefix Adjacency Ref Count: 0



9

Stateful Prefix Adjacencies: 1

Stateful Prefix Adjacency Ref Count: 1

IPv6 Well-Known Prefix Adjacencies: 1

IPv6 Well-Known Prefix Adjacency Ref Count: 1

IPv6 Static Mapping Adjacencies: 0

IPv6 Static Mapping Adjacency Ref Count: 0

IPv4 Route Adjacencies: 0

Adjacencies

Stateful Prefix: ::100.0.0.1

IPv6 Well-Known Prefix: ::100.0.0.2

IPv6 Stateful Mask: ::100.0.0.0

Show nat64 prefix stateful

Using this command, you can check the information about Network Address Translation 64(NAT64) stateful prefixes. Global prefixes, nat64 configured intrerfaces and prefix static-routes will be displayed.

ASR Router R2#show nat64 prefix stateful global (Displays the global prefixes)

Global Stateful Prefix: is valid, 3001::/96

IFs Using Global Prefix

Fa0/2/6

Fa0/2/7



10

ASR Router R2#show nat64 prefix stateful static-routes (Displays the static-routes)

Stateful Prefixes

NAT64 Prefix

Static Route Ref-Count

3001::/96

1

ASR Router R2#show nat64 prefix stateful interfaces (Displays the nat64 enabledinterfaces)

Stateful Prefixes

Interface

NAT64 Enabled Global Prefix

FastEthernet0/2/6

TRUE TRUE 3001::/96

FastEthernet0/2/7

TRUE TRUE 3001::/96

Show nat64 statistics

To display Network Address Translation 64 (NAT64) packet count statistics use thiscommand

ASR Router R2#show nat64 statistics



11

NAT64 StatisticsTotal active translations: 1 (1 static, 0 dynamic; 0 extended)Sessions found: 142Sessions created: 16Expired translations: 16Global Stats: Packets translated (IPv4 -> IPv6) Stateless: 0 Stateful: 79 Packets translated (IPv6 -> IPv4) Stateless: 0 Stateful: 79Interface Statistics FastEthernet0/2/6 (IPv4 configured, IPv6 not configured): Packets translated (IPv4 -> IPv6) Stateless: 0 Stateful: 79 Packets translated (IPv6 -> IPv4) Stateless: 0 Stateful: 0 Packets dropped: 0 FastEthernet0/2/7 (IPv4 not configured, IPv6 configured): Packets translated (IPv4 -> IPv6) Stateless: 0 Stateful: 0 Packets translated (IPv6 -> IPv4) Stateless: 0 Stateful: 79 Packets dropped: 0Dynamic Mapping Statistics v6v4



12

References

• NAT64 Technology: Connecting IPv6 and IPv4 Networks• NAT64—Stateless versus Stateful• Stateful Network Address Translation 64• Stateless IPv6 NAT64 Configuration• IP Version 6 (IPv6) - Cisco Systems• Cisco IOS IPv6 Command Reference• IPv6 - Frequently Asked Questions

Routing Information Protocol

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6553/white_paper_c11-676278.html

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6553/white_paper_c11-676277.html

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/iadnat-stateful-nat64.html

https://supportforums.cisco.com/docs/DOC-22619

http://www.cisco.com/en/US/tech/tk872/tsd_technology_support_protocol_home.html

http://www.cisco.com/en/US/docs/ios/ipv6/command/reference/ipv6_book.html

https://supportforums.cisco.com/docs/DOC-16506

ipv6

Documents