original:
https://blog.csdn.net/zhangjie1989/article/details/51464251
1. NAT64 and DNS64 background
The biggest problem in the development of IPv6 networks is that IPv6 and IPv4 are incompatible, so the two kinds of network cannot reach each other. To enable access between IPv6 and IPv4, the IETF (Internet Engineering Task Force) designed an early solution, NAT-PT (RFC 2766). NAT-PT translates network addresses and protocols between IPv6 and IPv4 so that the IPv6 network and the IPv4 network can reach each other in both directions. In practical use, however, NAT-PT showed a variety of defects; the IETF no longer recommends it, and it was deprecated by RFC 4966.
To address the defects of NAT-PT while still providing address and protocol translation between IPv6 and IPv4 networks, the IETF (Internet Engineering Task Force) designed a new solution: NAT64 and DNS64.
NAT64 is a stateful network address and protocol translation technology. It generally supports connections initiated by users on the IPv6 side to access resources on the IPv4 side. NAT64 also supports manually configured static mappings, which allow the IPv4 network to initiate connections to the IPv6 network. NAT64 can translate addresses and protocols between IPv6 and IPv4 for TCP, UDP and ICMP.
DNS64 works mainly together with NAT64. It synthesizes the A record (IPv4 address) in a DNS query response into an AAAA record (IPv6 address) and returns the synthesized AAAA record to the IPv6-side user. DNS64 also resolves the defects of the DNS-ALG in NAT-PT.
NAT64 generally works together with DNS64, and requires no changes to the IPv6 client or the IPv4 server. NAT64 resolves most of the defects of NAT-PT, and when it works together with DNS64 it does not need a DNS-ALG as NAT-PT does.
NAT64 and DNS64 are currently at the IETF draft stage and have not yet been published as formal RFCs. However, because of the rapid development of IPv6 and strong demand from users on the IPv6 side, NAT64 and DNS64 have already begun to be deployed on the Internet while still at the draft stage. NAT64 is only a transitional solution for the early stage of IPv6 network development: it will be widely deployed in the early phase of IPv6, and in the later phase, as IPv6 networks grow, it will gradually be phased out.
This article focuses on the basic principles and application scenarios of DNS64 and NAT64. It does not cover their implementation, protocol specifications or packet-processing details; network engineers or IPv6 developers who want a deeper understanding of NAT64 and DNS64 can refer to the IETF draft links later in this article.
2. NAT64 and DNS64 network deployment scenarios
A common NAT64 and DNS64 network deployment scenario is shown below:
In the figure above, DNS64Server and NAT64Router are completely independent components. 64:FF9B::/96 is the well-known DNS64 prefix. By default, DNS64 uses this prefix to synthesize IPv6 addresses from IPv4 addresses. The same prefix also serves as the NAT64 translation prefix: only traffic that matches the prefix undergoes NAT64 translation. In DNS64 and NAT64 this prefix is generally written as pref64::/n, and it can be configured to suit the actual network deployment. NAT-PT supports only a fixed 96-bit translation prefix, whereas NAT64 can use a prefix length of 32, 40, 48, 56, 64 or 96, and the translation rule for each prefix length is not exactly the same.
When IPv6OnlyUser initiates a connection to an ordinary IPv6 website, the traffic matches the IPv6 default route and is forwarded directly to IPv6Router. When the destination is an IPv4 single-stack server, DNS64Server performs the prefix synthesis, and traffic destined for the Pref64::/n network is routed to NAT64Router, which translates between IPv6 and IPv4 addresses and protocols so that resources in the IPv4 network can be reached.
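The prefix synthesis and prefix matching described above, as an added example that is not part of the original article. It goes beyond the text by implementing the per-length embedding rules of RFC 6052 (bits 64-71 stay zero), which the article only alludes to; the function names are hypothetical, and 192.0.2.33 and the 2001:db8 prefixes are constructed documentation values.

```python
import ipaddress

VALID_LENGTHS = (32, 40, 48, 56, 64, 96)  # prefix lengths listed in the text
U_OCTET = 8  # byte index of bits 64-71, kept zero per RFC 6052 (assumption: RFC 6052 rules)


def _positions(prefix_len):
    """Byte offsets that carry the four IPv4 octets for this prefix length."""
    pos, out = prefix_len // 8, []
    while len(out) < 4:
        if pos != U_OCTET:  # skip the reserved octet
            out.append(pos)
        pos += 1
    return out


def synthesize(ipv4, pref64="64:ff9b::/96"):
    """DNS64 side: embed the IPv4 address from an A record into pref64::/n."""
    net = ipaddress.IPv6Network(pref64)
    if net.prefixlen not in VALID_LENGTHS:
        raise ValueError(f"unsupported pref64 length /{net.prefixlen}")
    raw = bytearray(net.network_address.packed)
    v4 = ipaddress.IPv4Address(ipv4).packed
    for pos, octet in zip(_positions(net.prefixlen), v4):
        raw[pos] = octet
    return ipaddress.IPv6Address(bytes(raw))


def extract(ipv6, pref64="64:ff9b::/96"):
    """NAT64 side: return the embedded IPv4 destination, or None when the
    address is outside pref64 and therefore must not be translated."""
    net = ipaddress.IPv6Network(pref64)
    addr = ipaddress.IPv6Address(ipv6)
    if net.prefixlen not in VALID_LENGTHS or addr not in net:
        return None
    octets = bytes(addr.packed[p] for p in _positions(net.prefixlen))
    return ipaddress.IPv4Address(octets)


if __name__ == "__main__":
    # Constructed sample input: one A record value, three pref64 choices.
    for pref in ("64:ff9b::/96", "2001:db8:122::/48", "2001:db8:122:344::/64"):
        aaaa = synthesize("192.0.2.33", pref)
        print(pref, "->", aaaa, "->", extract(aaaa, pref))
```

An address outside pref64 returns None from `extract`, which models the rule that only traffic matching the prefix is handed to NAT64 translation.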
3. NAT64 and DNS64 packet exchange
The packet exchange process between DNS64 and NAT64 is shown below: