From: shiran guez (shiranp3@gmail.com)
Date: Sun Nov 04 2007 - 03:40:51 ART
What Typo, belive me I went trough that Doc and the RFC back and fwd.
On Nov 4, 2007 12:02 AM, Tarun Pahuja <pahujat@gmail.com> wrote:
> Shiran,
> I see a couple of typos in your config(Hint!), Please look
> at the following URL and hopefully you will be able to find out for
> yourself what the problem was ;-)
>
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipv6_c/sa_natpt.htm#wp1057653
>
> HTH,
> Tarun
>
> On 11/3/07, Chris Riling <criling@gmail.com> wrote:
> > Yes, I realize it's translating between different protocols, hence the
> name
> > NAT- Protocol Translation... As I said, I didn't have an extensive
> amount of
> > lab experience with it, and didn't offer my explanation as an "end all
> fix
> > all" explanation, just my point of view...
> >
> > On 11/3/07, shiran guez <shiranp3@gmail.com> wrote:
> > >
> > > Chris, for your benefit I suggest you try to test it on a live router
> or
> > > Dynamips and after few hours I Guss you will come back here and ask
> what we
> > > asked here.
> > >
> > > NAT-PT is not like NAT as NAT is translating one IP to another IP,
> NAT-PT
> > > is a protocol translator, the router need to translate each packet
> from one
> > > protocol to another.
> > >
> > > Read the RFC 2766 you will see all the complexity behind it.
> > >
> > >
> > >
> > >
> > > On 11/3/07, Chris Riling <criling@gmail.com> wrote:
> > > >
> > > > I don't really have a lot of experience with NAT-PT per se, so I'm
> not
> > > > claiming any bit of correctness here, but I've read the article in
> the v6
> > > > section of the DocCD and I've done a little bit of research, and
> this is how
> > > > I basically understand it in my screwed up little head:
> > > >
> > > > It's basically configured the same as IPv4 NAT, just slightly
> different
> > > > commands to enable NAT under the interfaces themselves - "ipv6 nat",
> butthe
> > > > general process is the same. You're just rewriting packets as you
> > > > forward between stacks instead of public / private v4 space in the
> same
> > > > stack. (in most scenarios, like we're used to).
> > > >
> > > > I think you guys are getting somewhat confused in the fact that you
> guys
> > > > are also talking about IPv4 compatible v6 addresses, which
> incorporate the
> > > > hex equivalent of a v4 address in the low order bits of a v6 address
> - this,
> > > > as I understand it, is not necessary when dealing with NAT-PT, only
> > > > in tunneling scenarios... You can play with this at a site like
> > > > www.ip-lookup.net and compare it while you play with windows
> calulator
> > > > and do the dec --> hex conversion, until you get a feel for how that
> > > > works...
> > > >
> > > > I'm probably wrong, but I thought I'd take a crack at it :)
> > > >
> > > > Thanks,
> > > >
> > > > Chris
> > > >
> > > >
> > > > On 11/2/07, shiran guez <shiranp3@gmail.com > wrote:
> > > > >
> > > > > Tried already to ping the hex the bin the dec and every other
> format I
> > > > > can
> > > > > think of, things are not clear here both logically and not
> > > > > technically.
> > > > >
> > > > > I hope to find some more answerer's about this soon that will
> clear
> > > > > the air
> > > > > as there is noting more annoying to read and test something and
> not
> > > > > understand how and why it do not work.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On 11/2/07, Phillip.McCollum@ins.com < Phillip.McCollum@ins.com>
> > > > > wrote:
> > > > > >
> > > > > > Shiran,
> > > > > >
> > > > > >
> > > > > >
> > > > > > After looking over the documentation again, you're right, it's
> not
> > > > > very
> > > > > > clear. I believe that from the IPv6 source host, you need to
> ping
> > > > > the HEX
> > > > > > version of the IPv4 address appended to the NAT-PT prefix. So in
> > > > > your
> > > > > > example below, if you want to reach 10.1.45.5, you need to ping
> > > > > > 2000::0a01:2D05. Give that a shot and let us know the results!
> This
> > > > > document
> > > > > > seems to spell things out a little better:
> > > > > >
> > > > > >
> > > > > >
> > > > > > http://tinyurl.com/ypo3kx
> > > > > >
> > > > > >
> > > > > >
> > > > > > HTH,
> > > > > >
> > > > > > Phillip
> > > > > >
> > > > > >
> > > > > >
> > > > > > *From:* shiran guez [mailto: shiranp3@gmail.com]
> > > > > > *Sent:* Thursday, November 01, 2007 11:12 PM
> > > > > > *To:* McCollum, Phillip
> > > > > > *Cc:* ccielab@groupstudy.com
> > > > > > *Subject:* Re: IPV6 NAT-PT
> > > > > >
> > > > > >
> > > > > >
> > > > > > what dose it mean destination
> > > > > > address = 2000:: 192.168.1.1 how can you ping 2000::192.168.1.1
> > > > > >
> > > > > >
> > > > > >
> > > > > > R4#ping 2000:: 10.1.45.5
> > > > > > % Unrecognized host or address, or protocol not running.
> > > > > >
> > > > > > interface Ethernet0/1
> > > > > > no ip address
> > > > > > half-duplex
> > > > > > ipv6 address 2001:CC1E:146:146::4/64
> > > > > > ipv6 nat
> > > > > > ipv6 rip RIPng enable
> > > > > > ipv6 rip RIPng default-information originate
> > > > > > !
> > > > > > !
> > > > > > interface Serial1/1
> > > > > > ip address 10.1.45.4 255.255.255.0
> > > > > > ipv6 nat
> > > > > > !
> > > > > > !
> > > > > > ipv6 nat v4v6 source 10.1.45.5 2001:CC1E:5::5
> > > > > > ipv6 nat v6v4 source route-map PT-SOURCE pool v4pool
> > > > > > ipv6 nat v6v4 pool v4pool 10.1.45.10 10.1.45.50 prefix-length 24
> > > > > > ipv6 nat prefix 2000::/96 v4-mapped v4map_acl
> > > > > > !
> > > > > > !
> > > > > > ipv6 prefix-list PT-LIST seq 5 permit 2001:CC1E:146:146::/64
> > > > > > ipv6 prefix-list PT-LIST seq 10 permit 2001:150:1:6::/64
> > > > > > route-map PT-SOURCE permit 10
> > > > > > match ipv6 address prefix-list PT-LIST
> > > > > > !
> > > > > >
> > > > > > R4 is connected via Serial to R5, R5 is pure v4 and R4 is the
> NAT-PT
> > > > >
> > > > > >
> > > > > > behind R4 there are R1 and R6 over a Ethernet R6 is Pure v6 and
> R1
> > > > > is dual
> > > > > > mode but with no NAT-PT or any other connection between the
> > > > > protocols.
> > > > > >
> > > > > > I want to be able to Ping from R6 to the v4 domain and from the
> v4
> > > > > Domain
> > > > > > to ping to v6 Domain Dynamically.
> > > > > >
> > > > > > In my configuration I went according to the Documentation and I
> do
> > > > > not
> > > > > > understand practically how the Dynamic works.
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > On 11/2/07, *Phillip.McCollum@ins.com* <
> Phillip.McCollum@ins.com >
> > > > > wrote:
> > > > > >
> > > > > > Shiran,
> > > > > >
> > > > > > I was pretty confused when working with this as well. Read over
> this
> > > > >
> > > > > > line and see if it helps to sink in. Taken from
> > > > > >
> > > > >
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/
> > > > > > ipv6_c/sa_natpt.htm#wp1079515:
> > > > > >
> > > > > > ==========
> > > > > > Enabling Traffic to be Sent from an IPv6 Network to an IPv4
> Network
> > > > > > without Using IPv6 Dastination Address Mapping: Example
> > > > > >
> > > > > > In the following example, the access list permits any IPv6
> source
> > > > > > address with the prefix 2001::/96 to go to the destination with
> a
> > > > > > 2000::/96 prefix. The destination is then translated to the last
> 32
> > > > > bit
> > > > > > of its IPv6 address; for example: source address = 2001::1,
> > > > > destination
> > > > > > address = 2000:: 192.168.1.1. The destination then becomes
> > > > > 192.168.1.1 in
> > > > > > the IPv4 network:
> > > > > >
> > > > > > ipv6 nat prefix 2000::/96 v4-mapped v4map_acl
> > > > > >
> > > > > > ipv6 access-list v4map_acl
> > > > > > permit ipv6 2001::/96 2000::/96
> > > > > >
> > > > > > ==========
> > > > > >
> > > > > > Phillip
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf
> > > > > Of
> > > > > > shiran guez
> > > > > > Sent: Thursday, November 01, 2007 1:00 PM
> > > > > > To: Cisco certification
> > > > > > Subject: IPV6 NAT-PT
> > > > > >
> > > > > > I am going out of my mind to figure out this, it seam like this
> > > > > > technology
> > > > > > do not want to go trough my head.
> > > > > > I already went trough the RFC and the Cisco DOC from univercd,
> but
> > > > > it is
> > > > > > not
> > > > > > sinking in.
> > > > > >
> > > > > >
> > > > > > I understand how the Static 1 to 1 work, but the Dynamic I do
> not
> > > > > see
> > > > > > how
> > > > > > can you set a range of address on one protocol and on the other
> > > > > protocol
> > > > > > without linking them one to one
> > > > > >
> > > > > > for say I have IPv6 Network on one side and IPV4 on the other
> side
> > > > > and
> > > > > > NAT-PT between them, if i set a pool of IPv4 and a Prefix of /96
> for
> > > > > the
> > > > > > IPv6 what address should I ping from the IPv6 to the IPv4 to
> reach a
> > > > >
> > > > > > specific node if it is not mapped how can he know where to go?
> > > > > >
> > > > > > if some one have a better explanation and a working sample
> config I
> > > > > > would
> > > > > > much appreciate it as I am pooling hare as we speak.
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Shiran Guez
> > > > > > MCSE CCNP NCE1
> > > > > > http://cciep3.blogspot.com
> > > > > > http://www.linkedin.com/in/cciep3
> > > > > >
> > > > > >
> > > > >
> _______________________________________________________________________
> > > > > > Subscription information may be found at:
> > > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Shiran Guez
> > > > > > MCSE CCNP NCE1
> > > > > > http://cciep3.blogspot.com
> > > > > > http://www.linkedin.com/in/cciep3
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Shiran Guez
> > > > > MCSE CCNP NCE1
> > > > > http://cciep3.blogspot.com
> > > > > http://www.linkedin.com/in/cciep3
> > > > >
> > > > >
> > > > >
> _______________________________________________________________________
> > > > > Subscription information may be found at:
> > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > >
> > > >
> > > >
> > >
> > >
> > > --
> > > Shiran Guez
> > > MCSE CCNP NCE1
> > > http://cciep3.blogspot.com
> > > http://www.linkedin.com/in/cciep3
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
>
-- Shiran Guez MCSE CCNP NCE1 http://cciep3.blogspot.com http://www.linkedin.com/in/cciep3
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:28 ART