Tayga as NAT64 only, not router

Bjørn Mork bjorn at mork.no
Mon Mar 19 09:50:42 CET 2012


Andy Davidson <andy at nosignal.org> writes:
> On 16 Mar 2012, at 18:51, Dick Visser wrote:
>
>> I guess adding a MASQUERADE step using a large enough RFC1918 block
>> is the only way out here?
>
> Or using a stateful NAT64 (*vomit in mouth*) gateway ?  Have you
> considered this ?  Is the software availability good ?

Won't tayga + masquerading equal stateful NAT64?  Is there any better
solution? Somehow I don't see any advantages to doing this in one step
instead of two simple ones.

> I ask because, well, if each v6 client will consume a v4 address on
> the 64 gateway, this does not help us sidestep the v4 exhaustion issue
> very cleanly. :-)

Only the ones actually needing access to the v4 Internet.

By implementing a few application specific solutions on IPv6 (like http
proxy and smtp gateway) and agressivily filtering unwanted IPv4 traffic,
you can easily keep that number considerably lower than "all clients".


Bjørn



More information about the ipv6-ops mailing list