From: srdja blagojevic (srdja1@pexim.co.yu)
Date: Sun Feb 11 2007 - 05:44:57 ART
My gess is that you put ipv6 nat prefix on wrong interface. From DocCD
(Config Guide):
...The NAT-PT prefix is used to match a destination address of an IPv6
packet. If the match is successful, NAT-PT will use the configured address
mapping rules to translate the IPv6 packet to an IPv4 packet....
This mean that you should put it on Gi0/1 since on that interface you will
have destination ipv6 prefix. I guess that better practise is to put ipv6
nat prefix in global config mode.
HTH,
Srdja
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
nhatphuc
Sent: Sunday, February 11, 2007 04:34
To: Cisco certification
Subject: Problem with NAT-PT Static
Hi GS,
I configure NAT-PT as follow:
interface GigabitEthernet0/0
ip address 172.16.1.1 255.255.255.0
duplex auto
speed auto
ipv6 enable
ipv6 nat prefix 2001::/96
ipv6 nat
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 nat
ipv6 nat v4v6 source 172.16.1.2 2001::20
ipv6 nat v6v4 source 2001:1:1::10 172.16.1.20
I can ping from IPv6 Host, but don't receive any reply:
R(config)#do sh ipv6 nat trans
Prot IPv4 source IPv6 source
IPv4 destination IPv6 destination
--- --- ---
172.16.1.2 2001::20
--- 172.16.1.20 2001:1:1::10
--- ---
C:\>ping 2001::20
Pinging 2001::20 from 2001:1:1::10 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 2001::20:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), C:\>
R(config)#
*Feb 10 20:28:55.327: IPv6 NAT: icmp src (2001:1:1::10) -> (172.16.1.20),
dst (2001::20) -> (172.16.1.2) *Feb 10 20:28:59.947: IPv6 NAT: icmp src
(2001:1:1::10) -> (172.16.1.20), dst (2001::20) -> (172.16.1.2) *Feb 10
20:29:04.947: IPv6 NAT: icmp src (2001:1:1::10) -> (172.16.1.20), dst
(2001::20) -> (172.16.1.2) *Feb 10 20:29:09.947: IPv6 NAT: icmp src
(2001:1:1::10) -> (172.16.1.20), dst (2001::20) -> (172.16.1.2) R(config)#do
sh ipv6 nat trans
Prot IPv4 source IPv6 source
IPv4 destination IPv6 destination
--- --- ---
172.16.1.2 2001::20
--- 172.16.1.20 2001:1:1::10
172.16.1.2 2001::20
--- 172.16.1.20 2001:1:1::10
--- ---
R(config)#
From IPv4 host, I ping:
HostIPv4#ping 172.16.1.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.20, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
From ROUTER NAT-PT, I can ping both:
R#ping 172.16.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms R#ping
2001:1:1::10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:1:1::10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms R#
Did I miss anything?
Thanks
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:46 ART