[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tunnel-to-NAT scenario



On 2008-06-18 10:02, Iljitsch van Beijnum wrote:
> On 17 jun 2008, at 23:45, Brian E Carpenter wrote:
> 
>>> The actual packet mangling should be simple
>>> enough, the problem is that the client can't express the IPv6
>>> destination in an IPv4 packet without modifications to the IPv4 client
>>> (and those modifications would be unlikely to work through middleboxes).
> 
>> That's why you go to a traditional v4-to-v4 NAT at the boundary.
>> No new mangling code is needed. From the v4 point of view this
>> is bog standard NAPT with configured port mapping.
> 
> So if you're an IPv4 client and I'm an IPv6 server with address
> 2001:db8:31::1, what do you put in the destination address of the IPv4
> packets you send to me?

The public address of the NAT to which you are tunneling. Of course,
that NAT has to be configured to forward port N through a tunnel
to whatever IPv4 address 2001:db8:31::1 has borrowed.

(draft-despres-v6ops-apbp-00.txt would automate the borrowing
process, if you don't want to configure it.)

This doesn't get rid of NAPT nastiness for supporting servers.
But if someone insists on running a server for IPv4 clients that
doesn't have its own public IPv4 address, that nastiness is
intrinsic. The question is what's the simplest way to deal
with it.

    Brian