Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

NAT-PT configuration help

All,

I'm playing with IPv6 and NAT-PT. I can't get it to work at all. I'm trying to translate from v4 to v6. If I address a loopback interface on the v4 router and ping a v6 address sourcing from the loopback, it works fine. If I ping from a host that's connected to the switch, it doesn't work. What I have is:

Host(192.168.2.15)-><f0/1(192.168.2.1)>RouterA<f0/0(2001:3cad:2:3/64) --> <g0/0(2001:3cad:2:1/64)RouterB

On RouterA, I've got:

int fa0/0:

ipv6 address autoconfig

ipv6 nat

int fa0/1:

ip address 192.168.2.1 255.255.255.0

ipv6 nat

ipv6 nat v4v6 192.168.2.15 2001:3cad:2::15

ipv6 nat prefix 2001:3cad:2::/96

I can't ping from the 192.168.2.15 host. Two things I've noticed from looking at other configs:

1.) There always seems to be a v6v4 config as well. (Do I really need this to get it to work?)

2.) The networks that are translated don't always match what their destination networks will be. (192.168.5.15 translated to 192.168.6.16 toward a 192.168.7.0/24 subnet) <-- I know....makes no sense. :)

Thanks,

John

HTH, John *** Please rate all useful posts ***
4 REPLIES
Cisco Employee

Re: NAT-PT configuration help

Hi John,

You need a v6v4 entry otherwise:

- Router A doesn't know which IPv4 address to use as the source address when it receives the Echo reply. It only knows how to translate the destination address

- it will tell you which IPv4 address to ping from your host

ipv6 nat v6v4 2001:3cad:2:1 192.168.2.254 (any available IP address in this subnet)

HTH

Laurent.

Re: NAT-PT configuration help

Laurent,

Thanks for the reply. I still can't get it to work, but I think it's because of the other router.

RouterB has one interface using v6 addressing: 2001:3cad:2::1.

On RouterA (NAT-PT) I have one interface using v6 and one using v4. I have a laptop with only v4 addressing.

RouterA has something like:

ipv6 nat v4v6 192.168.2.15 2001:3cad:2::29

ipv6 nat v6v4 2001:3cad:2::1 192.168.2.254

I still can't ping anything, but I can see the translations happening with debug. I've got a default ipv6 route on RouterB like ::0/0 RouterA's v6 address, but that's not working either. I can't ping the 192.168.2.254 from RouterB either.

How would I be able to add a router to a v4 subnet on a v6 router? I tried 192.168.2.0 255.255.255.0 g1/0, but that didn't work either. (G1/0 is v6 addressed interface.)

Thanks!

John

HTH, John *** Please rate all useful posts ***
Cisco Employee

Re: NAT-PT configuration help

Could you try with a /96 prefix which does not overlap with your current /64 prefix.

Keep your default v6 route on router B

You can also activate deb ipv6 icmp and debug ipv6 packets on router B during the test in addition of checking NAT really occurs on router A.

HTH

Laurent.

Re: NAT-PT configuration help

Laurent,

Thanks for the replies :) I made the changes, but still no luck. Although, I now see that it's definitely getting to the other router and being translated outbound correctly:

*May 27 15:51:47.962: ICMPv6: Received echo request from 2001:3CAD:1A00:2::29

*May 27 15:51:47.962: ICMPv6: Sending echo reply to 2001:3CAD:1A00:2::29

*May 27 15:51:52.958: ICMPv6: Received ICMPv6 packet from FE80::207:EFF:FE63:8C29, type 135

Bolded is the local-link address for RouterA's v6 addressed interface. Bold and Italicized is the natted address of my host (192.168.2.15). The return traffic is configured on RouterA like:

ipv6 v6v4 source 2001:3CAD:1A00:2::1 192.168.2.254

The interface on RouterB is addressed as 2001:3CAD:1A00:2::1.

My question is how will my return traffic reach my .2.15 host if the return traffic is natted back to the .2.254 address?

Here's the default route on RouterB:

S ::/0 [1/0]

via 2001:3CAD:1A00:2::23

Thanks!

HTH, John *** Please rate all useful posts ***
170
Views
9
Helpful
4
Replies