Feelings about NAT64/DNS64?
Graham Beneke
graham at neology.co.za
Wed Dec 8 14:09:07 CET 2010
On 08/12/2010 09:37, George Bonser wrote:
> I am leaning toward using NAT64/DNS64 as the primary migration strategy
> in the data center. Not sure yet what the best approach is on the user
> LANs.
I wouldn't think that this is such a great idea. NAT64 (like its
predecessor NAT44) is only really feasibly on the eyeballs/sink side of
the network. On the content/source side of the network you will most
likely need to be running dual stack for quite a while.
NAT64 in a data center is about the same as IPv6-only in a data center
from the client application's perspective.
> The bulk of my traffic is transacted with relatively few networks so
> once those go v6, the remaining v4 traffic will be manageable with
> NAT64. And it becomes much easier to do a one-time migration to v6 than
> to do a dual-stack migration and have to maintain two sets of
> everything. Basically the traffic pattern is a huge amount of traffic
> with a handful of networks and the remaining 15% of the traffic
> scattered across the entire planet but it is repetitive so things like
> DNS caching provide good economy and shouldn't beat up the servers
> providing the DNS64 portion.
NAT64 is not that different from NAT44. You shouldn't be putting servers
behind a NAT64 unless you are intending to make them unreachable on the
IPv4 Internet.
The end goal is obviously IPv6-only but you probably don't want to drop
the IPv4 side of your infrastructure until you have less than 1% of your
traffic going via that protocol.
--
Graham Beneke
More information about the ipv6-ops
mailing list