IPv6BBS

 找回密码
 注册

扫一扫,访问微社区

QQ登录

只需一步,快速开始

查看: 9028|回复: 0

在Cisco路由器上配置Stateless NAT64

[复制链接]
满天星 发表于 2011-5-15 17:54:38 | 显示全部楼层 |阅读模式
注意:本文中列举的Cisco NAT64属于Stateless NAT64,与Stateful NAT64有较大的区别,请务必明确!
支持Stateless NAT64的版本为:Cisco IOS XE Release 3.2S(Cisco ASR 1000  Series)

Stateless NAT64是根据IP/ICMP Translation Algorithm:RFC 6145而来
(Cisco 2010年11月发布时还处于Draft阶段),不文就不讨论具体的协议原理和区别,仅关注Cisco设备上的配置思路和步骤等。

与此相关的RFC文档主要有:
Framework for IPv4/IPv6 Translation:RFC 6144
IP/ICMP Translation Algorithm:RFC 6145
DNS64: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers:RFC 6147
IPv6 Addressing of IPv4/IPv6 Translators:RFC 6052

基本组网图:

各接口的IP地址、前缀长度及NAT64 Prefix等如上图所示
DNS64服务器及其相关的配置不在本文中讨论,本文仅涉及Cisco设备中Stateless NAT64的部署与配置

基本配置步骤

  1. 1. enable
  2. 2. configure terminal
  3. 3. ipv6 unicast-routing
  4. 4. interface type number
  5. 5. description string
  6. 6. ipv6 enable
  7. 7. ipv6 address {ipv6-address/prefix-length | prefix-name sub-bits/prefix-length}
  8. 8. nat64 enable  //说明:在接口上使能Stateless NAT64转换
  9. 9. exit
  10. 10. interface type number
  11. 11. description string
  12. 12. ip address ip-address mask
  13. 13. nat64 enable  //说明:在接口上使能Stateless NAT64转换
  14. 14. exit
  15. 15. nat64 prefix stateless ipv6-prefix/length  //说明:配置Stateless NAT64转换中使用的Prefix及prefix length
  16. 16. nat64 route ipv4-prefix/mask interface-name number    //说明:将该IPv4网段的路由转发至IPv6接口做Stateless NAT64转换
  17. 17. end
复制代码
配置过程Example:
  1. Router> enable
  2. Router# configure terminal
  3. Router(config)# ipv6 unicast-routing
  4. Router(config)# interface giabitethernet0/0/0
  5. Router(config-if)# description interface  towards ipv4 side
  6. Router(config-if)# ipv6 enable
  7. Router(config-if)# ipv6 address 2001:db8::1/64
  8. Router(config-if)# nat64 enable
  9. Router(config-if)# exit
  10. Router(config)# interface giabitethernet0/0/1
  11. Router(config-if)# description interface towards ipv6 side
  12. Router(config-if)# ip address 192.0.2.1  255.255.255.0
  13. Router(config-if)# nat64 enable
  14. Router(config-if)# exit
  15. Router(config)# nat64 prefix stateless  2001:db8:1:1::/96
  16. Router(config)# nat64 route 192.0.2.0/24  gigabitethernet0/0/0
  17. Router(config)# end
复制代码
Stateless NAT64相关的完整配置如下:
  1. ipv6 unicast-routing
  2. !
  3. interface GigabitEthernet0/0/0
  4. description interface towards ipv6 side
  5. ipv6 address 2001:db8::1/64
  6. ipv6 enable
  7. nat64 enable
  8. !
  9. interface GigabitEthernet0/0/1
  10. description interface towards ipv4 side
  11. ip address 192.0.2.1  255.255.255.0
  12. nat64 enable
  13. !
  14. nat64 prefix stateless 2001:db8:1:1:/96
  15. nat64 route 192.0.2.0/24 GigabitEthernet0/0/0
复制代码
Stateless  NAT64相关的其它命令:
  1. Step 1 show nat64 statistics
  2. Step 2 show ipv6 route
  3. Step 3 show ip route
  4. Step 4 debug nat64 {all | ha {all | info | trace | warn} | id-manager | info | issu {all | message | trace} |
  5. memory | statistics | trace | warn}
  6. Step 5 ping [protocol [tag]] {host-name | system-address}
复制代码
  1. Router# show nat64 statistics
  2. NAT64 Statistics
  3. Global Stats:
  4. Packets translated (IPv4 -> IPv6): 21
  5. Packets translated (IPv6 -> IPv4): 15
  6. GigabitEthernet0/0/0 (IPv4 configured, IPv6 configured):
  7. Packets translated (IPv4 -> IPv6): 0
  8. Packets translated (IPv6 -> IPv4): 5
  9. Packets dropped: 0
  10. GigabitEthernet0/0/1 (IPv4 configured, IPv6 configured):
  11. Packets translated (IPv4 -> IPv6): 5
  12. Packets translated (IPv6 -> IPv4): 0
  13. Packets dropped: 0
复制代码

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?注册

x
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|手机版|小黑屋|IPv6BBS ( 京ICP备13024693号 | 京公网安备11010802012238 )

GMT+8, 2020-11-25 01:26 , Processed in 0.021251 second(s), 18 queries .

Powered by Discuz! X3.4

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表