The same would work also for ISATAP (see: isatap.com), except that ISATAP can use any IPv6 prefix, i.e., not just 2002::/16. (Besides; 2002 was *last* year...)
Fred
[EMAIL PROTECTED]
Tim Chown wrote:
Hi,
Yes, this will work. This technique is quite widely used, and is one reason for this draft: http://www.ietf.org/internet-drafts/draft-palet-v6ops-proto41-nat-01.txt
Essentially you forward the protocol 41 from the NAT to the internal host.
It is quite a popular "trick" with our students in their home DSL LANs.
The problem is that this only works for one host within the NAT network, so if the NAT encompasses many sites, you're stuck.
Cheers, Tim
On Wed, Oct 22, 2003 at 07:03:44PM +0900, Jisuek.Lim wrote:
Hello all,
I have a idea about communication method with 6to4 tunnel.
Generally, we think a host who has private IPv4 address(because it is behind NAT device) can not communicate with IPv6 host globally by tunneling(6to4, config tunnel ..) But there is a way using 6to4 tunnel.
When we config 6to4 config on a host(for example windows2000 station) we assign the host's IPv4 address to the host's 6to4 address(next to 2002:). And we know the host's IPv4 address shoud be public IPv4 address.
But, if we use the public IPv4 address which is on NAT device's external interface to make the host's 6to4 address, the host can communicate with IPv6 host globally using 6to4 tunnel and relay router. Following are do list.
1. Map the NAT device's public address(select one) to the host's private address(configure on the NAT)
2. On the NAT device, make a policy which permit incomming traffic which has protocol number 41 to the host's private address
3. Change the NAT device's public IPv4 address(which you selected) to hex. format.
4. Configure the host's 6to4 address using upper hex.
5. Add route table for 2002 traffic to tunnel interface, and ::/0 to relay router(relay router is provided by some orgnization)
And then,...try ping6 to any IPv6 address. following is the result of my own test.
C:\>ping6 6to4.ipv6.fh-regensburg.de
Pinging 6to4.ipv6.fh-regensburg.de [2002:c25f:6cbf:1::1] with 32 bytes of data:
Reply from 2002:c25f:6cbf:1::1: bytes=32 time=330ms
Reply from 2002:c25f:6cbf:1::1: bytes=32 time=329ms
Reply from 2002:c25f:6cbf:1::1: bytes=32 time=329ms
C:\>
C:\>ping6 www.kame.net
Pinging orange.kame.net [2001:200:0:8002:203:47ff:fea5:3085] with 32 bytes of data:
Reply from 2001:200:0:8002:203:47ff:fea5:3085: bytes=32 time=117ms
Reply from 2001:200:0:8002:203:47ff:fea5:3085: bytes=32 time=72ms
Reply from 2001:200:0:8002:203:47ff:fea5:3085: bytes=32 time=68ms
Reply from 2001:200:0:8002:203:47ff:fea5:3085: bytes=32 time=71ms
C:\>
Following is my computer's IP config
C:\>ipconfig
Windows 2000 IP Configuration
Ethernet adapter :
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.60
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
C:\>
as you know 192.168.1.60 is private address !!
Try it.
Thanks.
Jisuek. Lim
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
-------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
