Hi, Yes, this will work. This technique is quite widely used, and is one reason for this draft: http://www.ietf.org/internet-drafts/draft-palet-v6ops-proto41-nat-01.txt
Essentially you forward the protocol 41 from the NAT to the internal host. It is quite a popular "trick" with our students in their home DSL LANs. The problem is that this only works for one host within the NAT network, so if the NAT encompasses many sites, you're stuck. Cheers, Tim On Wed, Oct 22, 2003 at 07:03:44PM +0900, Jisuek.Lim wrote: > > Hello all, > > I have a idea about communication method with 6to4 tunnel. > > Generally, we think a host who has private IPv4 address(because it is > behind NAT device) can not communicate with IPv6 host globally by > tunneling(6to4, config tunnel ..) But there is a way using 6to4 > tunnel. > > When we config 6to4 config on a host(for example windows2000 station) > we assign the host's IPv4 address to the host's 6to4 address(next to > 2002:). And we know the host's IPv4 address shoud be public IPv4 > address. > > But, if we use the public IPv4 address which is on NAT device's > external interface to make the host's 6to4 address, the host can > communicate with IPv6 host globally using 6to4 tunnel and relay > router. Following are do list. > > 1. Map the NAT device's public address(select one) to the host's > private address(configure on the NAT) > > 2. On the NAT device, make a policy which permit incomming > traffic which has protocol number 41 to the host's private address > > 3. Change the NAT device's public IPv4 address(which you > selected) to hex. format. > > 4. Configure the host's 6to4 address using upper hex. > > 5. Add route table for 2002 traffic to tunnel interface, and > ::/0 to relay router(relay router is provided by some orgnization) > > > And then,...try ping6 to any IPv6 address. following is the result of > my own test. > > > C:\>ping6 6to4.ipv6.fh-regensburg.de > > Pinging 6to4.ipv6.fh-regensburg.de [2002:c25f:6cbf:1::1] with 32 bytes > of data: > > > Reply from 2002:c25f:6cbf:1::1: bytes=32 time=330ms > > Reply from 2002:c25f:6cbf:1::1: bytes=32 time=329ms > > Reply from 2002:c25f:6cbf:1::1: bytes=32 time=329ms > > > C:\> > > C:\>ping6 www.kame.net > > > Pinging orange.kame.net [2001:200:0:8002:203:47ff:fea5:3085] with 32 > bytes of data: > > > Reply from 2001:200:0:8002:203:47ff:fea5:3085: bytes=32 time=117ms > > Reply from 2001:200:0:8002:203:47ff:fea5:3085: bytes=32 time=72ms > > Reply from 2001:200:0:8002:203:47ff:fea5:3085: bytes=32 time=68ms > > Reply from 2001:200:0:8002:203:47ff:fea5:3085: bytes=32 time=71ms > > > C:\> > > > Following is my computer's IP config > > > C:\>ipconfig > > > Windows 2000 IP Configuration > > > Ethernet adapter : > > > Connection-specific DNS Suffix . : > > IP Address. . . . . . . . . . . . : 192.168.1.60 > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Default Gateway . . . . . . . . . : 192.168.1.254 > > > C:\> > > > as you know 192.168.1.60 is private address !! > > Try it. > > Thanks. > > Jisuek. Lim -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
