From: Joseph Brunner (joe@affirmedsystems.com)
Date: Mon Oct 08 2007 - 20:50:28 ART
Remove me
ip route 100.100.100.0 255.255.255.0 Null0
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
jim.gentry@aig.com
Sent: Monday, October 08, 2007 5:51 PM
To: ccielab@groupstudy.com
Subject: IPV6 Static NAT Problem
Well it was bound to happend. After five months of study I've finally run
across something I can't solve and can't find a solution to in the posts.
Can anybody help with this one? I've enabled ipv6 nat translation in both
directions on r6 which can ping r1 & r2. An ipv4 ping from r1 to r2 drops
half the packets. An ipv6 ping from r2 to r1 gets no response at all.
r1 => s1 => s4 => r6 => r2
r6>
interface GigabitEthernet0/0
no ip address
ipv6 address FEC0:0:0:AAAA::/64 eui-64
ipv6 nat
ipv6 ospf 1 area 0
!
interface GigabitEthernet0/1
ip address 1.1.4.16 255.255.255.0
ipv6 enable
ipv6 nat
!
router eigrp 1
redistribute connected
redistribute static
passive-interface GigabitEthernet0/0
network 1.1.0.0 0.0.255.255
network 150.0.0.0 0.255.255.255
default-metric 1536 2000 255 1 1500
no auto-summary
!
ip route 100.100.100.0 255.255.255.0 Null0
!
ipv6 router ospf 1
router-id 150.1.6.6
log-adjacency-changes
redistribute connected metric 5
redistribute static metric 5
!
ipv6 nat v4v6 source 1.1.1.11 2001:DB8::2
ipv6 nat v6v4 source FEC0::AAAA:250:73FF:FE03:E341 100.100.100.1
ipv6 nat prefix 2001:DB8::/96
------------------------------------------------------------------
r6#sho ipv nat trans
Prot IPv4 source IPv6 source
IPv4 destination IPv6 destination
--- --- ---
1.1.1.11 2001:DB8::2
--- 100.100.100.1 FEC0::AAAA:250:73FF:FE03:E341
1.1.1.11 2001:DB8::2
--- 100.100.100.1 FEC0::AAAA:250:73FF:FE03:E341
--- ---
-------------------------------------------------------------------
r1#ping 100.100.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.1, timeout is 2 seconds:
!.!.!
Success rate is 60 percent (3/5), round-trip min/avg/max = 1/2/4 ms
r6# debug ipv6 nat detailed
Oct 8 16:28:08.943: IPv6 NAT:v4tov6 entry not found
Oct 8 16:28:10.055: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 64, rt_flags = 0,
more_flags = 0
Oct 8 16:28:10.059: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 0, flags = 64, rt_flags = 0,
more_flags = 0
Oct 8 16:28:10.059: IPv6 NAT: icmp src (FEC0::AAAA:250:73FF:FE03:E341) ->
(100.100.100.1), dst (2001:DB8::2) -> (1.1.1.11)
Oct 8 16:28:12.059: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
-------------------------------------------------------------------
r2#ping 2001:DB8::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
debug ipv nat det
IPv6 NAT-PT detailed debugging is on
r6#
Oct 8 16:31:39.740: IPv6 NAT:v4tov6 entry not found
Oct 8 16:31:40.809: IPv6 NAT:v4tov6 entry not found
Oct 8 16:31:41.349: IPv6 NAT:v4tov6 entry not found
Oct 8 16:31:41.709: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 1, flags = 513, rt_flags = 0,
more_flags = 0
Oct 8 16:31:41.709: IPv6 NAT: Dropping v6tov4 packet
Oct 8 16:31:43.709: IPv6 NAT: ipv6nat_find_entry_v4tov6:
ref_count = 1,
usecount = 1, flags = 513, rt_flags = 0,
more_flags = 0
Oct 8 16:31:43.709: IPv6 NAT: Dropping v6tov4 packet
This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:12 ART