Using NAT64 in front of IPv6-only servers

Ted Mittelstaedt tedm at ipinc.net
Thu Mar 31 20:00:20 CEST 2011 

I know I'm responding to troll bait but I can't help myself.

Pardon me if I'm wrong but the entire point of setting up a
server "farm" is redundancy - after all, Walnut Creek proved very
conclusively a decade ago that a regular dual Xeon could support
over 2000 simultaneous FTP sessions on FreeBSD on a single box.
You don't need a farm for the applications, you need it for
the redundancy.

And so when you put this nat64 in, your wicking all access to
this redundant farm to a single, non-redundant nat64 box.

Seems to me that a wiser course of action would be to dual-stack
everything.

Ted

On 3/31/2011 10:51 AM, Tore Anderson wrote:
> Hi list,
>
> I've been thinking a bit about how to go about deploying IPv6-only
> applications in the data centre. I don't want to do dual-stack more
> than necessary; after all, dual-stack means I have to do double work.
>
> Setting up a new application on an IPv6-only server farm shouldn't be
> difficult (provided that all the software supports it of course).
> However, the public services would obviously need to be available from
> the IPv4 internet as well, and I was thinking I could use something
> like NAT64 (stateless, no DNS64) to do that. For example:
>
> 1) An IPv6-only HTTP server is listening on [2a02:c0::1]:80
>
> 2) I route 2a02:c0:64::/96 and 87.238.32.1/32 to a NAT64 device
>
> 3) I configure the NAT device to perform these translations:
>
>     Inbound traffic from clients on the IPv4 internet:
>       From: SRC=${IPv4-CLIENT}              DEST=87.238.32.1
>       To:   SRC=2a02:c0:64::${IPV4-CLIENT}  DEST=2a02:c0::1
>     Reply traffic:
>       From: SRC=2a02:c0::1   DEST=2a02:c0:64::${IPV4-CLIENT}
>       To:   SRC=87.238.32.1  DEST=${IPV4-CLIENT}
>
>     Obviously the ${IPV4-CLIENT}<->  2a02:c0:64::${IPV4-CLIENT}
>     translations would have to done dynamically by the device.
>
> 4) Finally I publish the following information in DNS:
>
>     www.example.com. IN A    87.238.32.1
>     www.example.com. IN AAAA 2a02:c0::1
>
> My questions are:
>
> - Is anyone actually doing something like this already?
> - Is there any reason why this wouldn't work fine?
> - Are there any NAT64 implementations that could do this? (The ones
>    I've looked at so far appear to be intended to be used in
>    conjunction with DNS64 as a stateful CGN for IPv6-only clients.)
>
> Best regards,

More information about the ipv6-ops mailing list