You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To check the status of our standalone cilium install with NAT64 enabled
61
61
62
-
Let's create another Ubuntu VM as a test host with an IPv6 only address that points to our NAT46x64Gateway. Few noteworthy points in the netplan config shared below.
- The two nameservers are DNS64 servers from dns64.cloudflare-dns.com and dns64.dns.google respectively. You can use any dns server which has dns64 capability.When a client queries a DNS64 server for a hostname which only has an A record setup, the dns64 server sends a response containing the corresponding IPv4 address as well as a translated IPv6 address.
78
+
## Test
65
79
66
-
- static route to `64::ff9b/96` which is a special prefix that is used by IPv4/IPv6 translators as defined in [RFC6502](https://datatracker.ietf.org/doc/html/rfc6052). When the DNS64 server responds with the translated IPv6 address, our VM will forward the packet to our NAT46x64Gateway i.e `2001:db8:abcd::2`
80
+
A good test to check if our NAT46x64Gateway is performing the 4to6 translation correctly, we can try connecting to an application that is accessible only via IPv4. So let's provision another Ubuntu VM on our IPv6 only network with the following netplan config as shown below.
- The two nameservers are DNS64 servers from dns64.cloudflare-dns.com and dns64.dns.google respectively. You can use any dns server which has dns64 capability. When a client queries a DNS64 server for a hostname which only has an A record setup, the dns64 server sends a response containing the corresponding IPv4 address as well as a translated IPv6 address.
109
+
92
110
Example:
93
111
94
112
google.com has both an A record and a AAAA record.
95
113
96
114
```sh
97
-
root@controller:/home/kagraw# host google.com
115
+
root@testvm:/home/kagraw# host google.com
98
116
google.com has address 142.250.190.78
99
117
google.com has IPv6 address 2607:f8b0:4009:803::200e
100
118
```
101
119
102
120
github.com only has an A record but since we're using a DNS64 server we receive a (translated) AAAA record as well.
103
121
104
122
```sh
105
-
root@controller:/home/kagraw# host github.com
123
+
root@testvm:/home/kagraw# host github.com
106
124
github.com has address 140.82.113.4
107
125
github.com has IPv6 address 64:ff9b::8c52:7104
108
126
```
109
127
110
-
But since we have a static route to 64:ff9b::/96, any traffic going to github (64:ff9b::8c52:7203) will be forwarded via `2001:db8:abcd::2` i.e our Cilium based NAT46x64Gateway.
128
+
- Static route to `64::ff9b/96` which is a special prefix that is used by IPv4/IPv6 translators as defined in [RFC6502](https://datatracker.ietf.org/doc/html/rfc6052). When the DNS64 server responds with the translated IPv6 address, our ipv6 only test host looks up it's routing table and forwards the packet directly to our NAT46x64Gateway i.e `2001:db8:abcd::2`
129
+
130
+
{{< alert >}}
131
+
**Note!** Using a static route is not a hard requirement. The bottom line is that your router needs to know where to forward IPv6 packets going to `64:ff9b::/96` i.e what the next hop is.
0 commit comments