From: simon hart (simon.hart@btinternet.com)
Date: Mon Apr 25 2005 - 14:56:50 GMT-3
Hi Tim,
I can confirm that the NAT prefix does not need to relate to the interface
address at all. The NAT prefix can be something entirely different.
The NAT prefix is used entirely for the destination address prior to
translating to the IPv4 address. The examples shown on the DocCd do seem to
illustrate that the address from the interface and the NAT prefix are
related, but this is not required. In fact if you look at page 350 you will
see the configuration examples show that a NAT prefix of 3ffe:b00:0::/96 and
an IPV6 interface address of 3002::9/64
The NAT prefix does need to be advertised to the IPv6 routing domain, a
variety of methods are open to you
1. Static configuration on each router (Not allowed on the Lab I would
guess!)
2. RIPng
3. OSPFv3
4. ISIS
5. BGP - but not tried it :)
In order to advertise into one of the above dynamic routing protocols you
need to issue the redistribute connected command. The NAT prefix is assigned
to a Null interface. If no other Nulls have been defined it will default to
Null 0.
Therefore if you wish to refine your redistribute connected to just the Nat
Prefix you will need to use a route map, with a match interface Null0
HTH
Simon
PS been off line for a couple of days - will catch up later.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
ccie2be
Sent: 25 April 2005 17:46
To: 'Bob Sinclair'; 'Group Study'
Subject: RE: ipv6 - NAT-PT
Bob,
I should also probably stay away from any clear non-water liquids.
Thankfully, some people know to speak verrry slooooooowly when I get this
way.
Thanks
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Bob
Sinclair
Sent: Monday, April 25, 2005 11:48 AM
To: ccie2be; 'Group Study'
Subject: Re: ipv6 - NAT-PT
Tim,
I am sure this is a momentary lapse on your part! Please put any sharp
objects out of reach before proceeding!
############################################################################
#
################
Would you agree that, say, 172.16.10.0/24 is carved from (a subnet of)
172.16.0.0/16?? Aren't subnets of longer mask length than their parents?
Re advertising the nat prefix /96: RIPng or OSPF v3 should do the job
nicely
HTH,
Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net
----- Original Message -----
From: ccie2be
To: 'Bob Sinclair' ; 'Group Study'
Sent: Monday, April 25, 2005 11:43 AM
Subject: RE: ipv6 - NAT-PT
Hey Bob,
Yes, I have that book and I checked to see if it shed anymore light on
these
questions prior to my posting on GS.
Unfortunately, that book didn't have anymore info about this than what was
in the Cisco doc.
But, I fully agree with you about that Cisco Press book - a must read for
all current ccie candidates.
Getting back to this issue of the nat /96 prefix - how is a /96 prefix
"carved" from a /64 bit address?
I could understand how that would work in reserve i.e. carving a /64
prefix
from a /96 prefix.
And, also, if there's no requirement for the interface ipv6 address to be
related to the nat prefix, how would that prefix be advertised?
Thanks for getting back to me.
Tim
_____
From: Bob Sinclair [mailto:bsin@cox.net]
Sent: Monday, April 25, 2005 11:30 AM
To: ccie2be; Group Study
Subject: Re: ipv6 - NAT-PT
Hi Tim,
Per my experience, the ipv6 nat prefix does not necessarily match any
portion of the interface addresses. I suspect the example assumes one
would
carve one's /96 nat prefix from one's assigned /64 space. You are
certainly on the right track re the necessity to advertise the /96 nat
prefix to other routers. Have you seen the Regi Desmeules IPV6 book from
Cisco Press? Definitely a must have, IMHO.
HTH,
Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net
----- Original Message -----
From: ccie2be <mailto:ccie2be@nyc.rr.com>
To: Group Study <mailto:ccielab@groupstudy.com>
Sent: Monday, April 25, 2005 10:55 AM
Subject: ipv6 - NAT-PT
Hi guys,
I've been going over the Cisco doc's on this
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipv
6
_c/sa_natpt.htm
and it seems to me there are a lot of conceptual blanks that need to be
filled in.
I'm hoping with the help of GS to be able to fill-in those blanks.
If you look at page 338 from the above link, you'll see that a portion of
the ipv6 address assigned to the interface matches the ipv6 nat prefix
defined in step 3.
My guess is that is required but the doc doesn't say so. Is that
required?
Also, notice that only the first 8 hex digits of the ipv6 address match
the
ipv6 nat prefix.
Why only the first 8 hex digits?
Also, I assume that some IGP must be used to advertise the ipv6 nat prefix
although none of the examples show this. My reasoning is this: If the
other ipv6 routers don't know where the nat-pt router is, they can't send
packets to it. I also assume that the reason the interface has an ipv6
address that partially matches the ipv6 nat prefix is so that when an IGP
is
configured on that interface, then the other ipv6 routers will know how to
reach the nat-pt router.
Is that assumption correct?
I'm doing my best to try to fill-in the blanks but I'm completely guessing
about all these things.
Can someone explain what's really going on with this and if I'm on the
right
track?
TIA, Tim
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Tue May 03 2005 - 07:55:08 GMT-3