NAT. PT configuration scheme in IPv4 and IPv6 (1)

During the transition between IPv4 and IPv6, we have proposed a number of solutions for coexistence of the two. Now we will introduce in detail the specific content about the NAT. PT communication process. As the configuration model in this article, we have shown it below.

NAT. PT communication process

The following analyzes the communication process of NAT-PT in the network for the communication model and its basic configuration ｡

(1) communication between IPv4 and IPv6 when IPv4 host B communicates with IPv6 host A for the first time, it first sends A query request for the name of A to the DNS server on the local network, this request record is "A", the local DNS server does not have this name record, this query is transferred through the NAT-PT, It is intercepted by the DNS-ALG, and then the "A" record is changed to the "AAAA" record, the converted query records are directly submitted to the DNS server of the IPv6 network. The DNS server of the IPv6 network returns:

Host a aaaa 200 1: 250: 2000: 3: 3

The DNS-ALG intercepts the response and changes the "AAAA" record to "A" record, and searches for the ing address for this IPv6 address in the address ing table, if any, replace the IPv6 address in the DNS response with the ing IPv4 address and return the IPv6 ing to IPv4 host B. If no, the NAT module requests a ing address to this IPv6 address, after the NAT validation ing table does not have a ing table for this IPv6 address, allocate an idle IPv4 address (for example, 202.115.9.249) in the address pool to the IPv6 address, and add this binding table entry in the ing table, and finally return the assigned IPv4 address to the DNS-ALG, then the DNS response becomes:

Host A 202.115.9.249

The DNS-ALG returns this DNS response to IPv4 host B. IPv4 host B can now establish communication with IPv6 host A, where assuming IPv4 host B initiates TCP communication: source Address = 202.115.8.3, source TCP port = 1 025; destination address = 202.115.9.249, destination TCP port = 80 ｡

This packet is forwarded to the NAT-PT by the router, protocol translation module PT converts the source packet's IP header and TCP validation, adding an IPv6 prefix before the source address, to the IPv4 ing IPv6 address, based on the 20ing between 202.115.9.249 and 2001: 250: 2000: 3: 3 in the NAT address ing table, the packet is translated as: Source Address = 2001: 250: 2000: 3 :: 202.1 15.8.3, source TCP port = 1 025; destination address = 2001: 250: 2000: 3: 3, destination TCP port = 80 ｡

In this way, IPv4 communicates with the IPv6 host. Subsequent communications within the lifetime of the ing table will continue to use this table item. After the ing table item times out, it will be deleted, the timeout mechanism of ing table items is introduced to release address resources and memory, and reduce the risk of DoS attacks ｡

(2) communication between IPv6 and IPv4 IPv6 hosts can be obtained from the DNS server in the IPv4 network: IPv4 host name resolution, however, if an appropriate name resolution table is cached on the IPv6DNS server, the communication efficiency can be improved, the IPv6 host can obtain the IPv4 host name resolution from the local IPv6DNS server. If IPv6DNS uses the above scheme: in Figure 3, if IPv6 host A tries to establish communication with IPv4 host B, A first sends A query request for IPv4 host B's name to the DNS server of the local IPv6 network, this request record is "AAAA" or "A6", because host B may have IPv4 address or IPv6 address ing in the local DNS, the DNS-ALG will forward this "AAAA" or "A6" query to the local DNS without modification, if the local DNS response returns an "AAAA" or "A6" record, then the DNS-ALG will return this response to IPv6 host A without modification. If the DNS returns A "A" record, that is:

Host B A 202.115.8.3