Configuring a NAT64 Address Pool

A NAT64 address pool can be created so that you can define a public IPv4 address range for a NAT64 address pool and assign the address pool to a specific NAT64 instance before the instance translates between private IPv6 addresses and public IPv4 addresses.

Context

A NAT64 address pool is essential to NAT64 implementation. When IPv6 user data packets are sent to a NAT64 CGN device, an IPv4 address must be allocated from the NAT64 address pool to the packets so that the packets are transmitted over an IPv4 network. NAT64 supports the following address translation methods:

  • Port address translation (PAT): NAT64 translates both IP addresses and port numbers between private and public networks. PAT allows multiple users within a private network to use a minimal number of public IP addresses. PAT is used more often than No-PAT.

  • No-Port Address Translation (No-PAT): Only the IP address in a packet is replaced.

The following address translation mode is supported based on NAT64 address translation methods:

Symmetric mode: also called the 5-tuple mode. A 5-tuple entry contains a source IP address, source port number, protocol type, destination IP address, and destination port number, which is used to translate addresses and filter packets. If packets carrying the same source IP address and port number but different destination IP addresses and port numbers are translated by a device using NAT64, the source IP address and port number in the packets are translated into different external IP addresses and port numbers. In addition, the device allows only the external network hosts with these destination IP addresses to use the translated IP addresses and port numbers to visit internal network hosts.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run nat64 instance instance-name [ id id ]

    The NAT64 instance view is displayed.

  3. Create a NAT64 address pool and specify the mode of assigning address ranges. Perform either of the following operations:

    • Run nat64 address-group address-group-name group-id group-id start-address { mask { mask-length | mask-ip } | end-address } [ vpn-instance vpn-instance-name ] [ no-pat ]

      An address pool is created by specifying an address range in the NAT64 instance view.

    • Run the nat64 address-group address-group-name group-id group-id [ vpn-instance vpn-instance-name ] [ no-pat ] command to enter the NAT64 address pool view and run the section section-id start-address { mask { mask-length | mask-ip } | end-address } command to specify an address range in the NAT64 address pool view.

    The NAT64 address pool cannot contain the IP address of a DHCP server. Otherwise, a message indicating a conflict is displayed.

  4. (Optional) Exclude a specific IP address or a range of IP addresses in an address range from NAT64 translation.

    • To exclude a specific IP address or a range of IP addresses in an address range from NAT64 translation, run the section section-id exclude-ip-address start-address [ end-address ] command.

    • Run the quit command to re the NAT64 instance view. Run the nat64 address-group exclude-ip-address command in the NAT64 instance view to exclude a specific IP address or a range of IP addresses in the address pool from NAT64 translation.

  5. Run commit

    The configuration is committed.

Parent Topic: Configuring Basic NAT64 Functions
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >