Link to home
Start Free TrialLog in
Avatar of Dan Craciun
Dan CraciunFlag for Romania

asked on

IPv6 NAT to IPv4

Let's say my ISP gives me only an IPv6 range (a /64) and no IPv4.

I'll use the first IP in that range in my router and give (a very small subset of) the rest to my other devices.

Q1: all the devices will have public IPs?
Q2: the router will not do NAT over IPv6, just forwarding?

Q3: When I try to access an IPv4 address (from a website that does not have an IPv6 address), what happens?
Q4: My computer will still send the IPv4 packets to the default route, even if it's not IPv4?
Q5: The router will forward it to its default route? What equipment will make the NAT between IPv4 and IPv6?

Thank you.
SOLUTION
Avatar of Shaun Vermaak
Shaun Vermaak
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Dan Craciun

ASKER

Thank you.

>>4. If IPv4 typically sends packet to default gateway, and default route if IPv4 is configured, if gateway is configured and ARP can be resolved, there can be IPv4 traffic.

So this means I need to have an IPv4 address on each of the devices involved? My computer, my router and the ISP's router?
But isn't that a plain IPv4 network? No IPv6 to IPv4 needed.
You can have local IPv4 network along IPv6 network. It is called dual stacking. ISP will drop IPv4 traffic if it is not translated by some mechanism to IPv6 address (if ISP offers just IPv6 addresses).
Cisco - Dual stack network
OK. Let's say my ISP only gives me IPv6 addresses.

How will packets meant for an external IPv4 address on the Internet reach it? Will the ISP's router accept packets with an IPv4 address?
/64 is a lot of addresses in that 64 bits left for you.
normally one uses route advertising on the gateway and each website gets visited from different ipv6 address etc.
>>/64 is a lot of addresses in that 64 bits left for you.

Yes, that's a ton of addresses. But my ISP tells me that's the current IANA recommendation: each client (even home users!) should get a /64 block.

And (privacy be damned) that /64 block should be registered to that client's name.
How will packets meant for an external IPv4 address on the Internet reach it? Will the ISP's router accept packets with an IPv4 address?
It will not reach internet if some translation mechanism from IPv4 is provided (or ISP is performing IPv4 to IPv6 translation). I don't know that ISPs offer IPv6 only addresses, but if they do I guess they may provide some translation mechanism. Otherwise if you have more than 1 access to internet locations (HQ and branch offices) and one of locations is IPv6 only (branch), and the other is both IPv4 & IPv6 (HQ) you can tunnel IPv4 traffic inside IPv6 traffic and access web pages through HQ location.
I'm trying to understand IPv6 from a home user's perspective.
That home user won't have $100k network equipment. It will have a $100 router, 1 computer, 1 AP and 1 DVR (or IP cameras) as wired clients, plus the assorted laptops/phones/tablets as wireless clients.

Now let's assume the ISP only gives IPv6 addresses (a /64) to that home user. Even if all his devices support IPv6 and he gives them all an IPv6 address, the problem remains: how to access IPv4 addresses.

>>you can tunnel IPv4 traffic inside IPv6 traffic
Who does that? The customer's router? The ISP's router?
For IPv6 to access IPv4 websites someone need to provide translation. Don't forget that many devices are still not fully IPv4 compatible and also will need to be replaced in that case (also many devices that were suppose  to be IPv6 compatible are actually not).
From home user perspective someone will need to provide translation between IPv4 and IPv6 otherwise home user will not be able to access IPv4 websites.
Who does that?
IPv4 through IPv6 typically is done by customer - IPv4 over IPv6 tunneling config example, although if ISP want to do it should not be problem.
>>IPv4 through IPv6 typically is done by customer

On a $100 router? Without an IPv4 address on the router?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
What I'm trying to understand is how a home network would work with only IPv6.
 The Internet is full on how to configure Cisco/Juniper switches to do all kind of translation/tunnels/whatever. No real info on how a home network is supposed to work.
That rather expensive home router can do IPv4 for sure for all your home network needs.
>>What I'm trying to understand is how a home network would work with only IPv6
>>That rather expensive home router can do IPv4 for sure

Was that sarcasm?
Am I correct that you ask a hypothetical question, and we can stop to put in recommendations for specific devices and services?
No sarcasm intended. Any home router can run DHCP server and DNS server for local IPV4-only device suppport...
>>Am I correct that you ask a hypothetical question, and we can stop to put in recommendations for specific devices and services?

Yes, thank you.

I want to understand how a true IPv6 home network is supposed to work.

I've seen "dual stack" solutions where the ISP issues an IPv6 range and a 10.x.x.x IP (non public routable).
That's basically a classic IPv4 network with NAT, with IPv6 like a cherry on top.
The few IPv6 requests will go over the IPv6 gateway, all the rest will be IPv4 traffic.

If no device (router included) on a home network has an IPv4 address, how is the traffic to IPv4 public addresses still possible?
>>Any home router can run DHCP server and DNS server for local IPV4-only device suppport...

Couldn't agree more. And still fail to see how that helps the current discussion.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
>>the client needs to use a mapping service, encapsulating IPv4 packets into IPv6

Can Windows do that?
Can a smartphone do that?
Good question, and certainly there is an Expert able to tell that - but it isn't me ;-).
Single IPv4 address should suffice for all your NAT64 needs
Windows can do it, rooted smartphone aka Linux can do it easily.
After asking in alternative sources, looks like in 2017 there's no way to do pure IPv6 and still use the Internet.

The "best" way seems to do dual-stack on every device, including the ISP's switches. That way you don't need to tunnel/NAT anything between IPv6 and IPv4. The IPv6 traffic will be routed on the IPv6 network, while the IPv4 traffic will flow as usual.

Is the above correct?
Correct
From ID 41984023

Q5: The router will forward it to its default route? What equipment will make the NAT between IPv4 and IPv6?

IPv4 and IPv6 are not directly compatible, but researchers realized that they couldn't simply flip a switch and turn off IPv4 while most of the world still depended on it. IPv6 devices are built using a process called dual stack that allows IPv6 and IPv4 to run simultaneously alongside each other.
Thank you.
Fresh info on subject:
I was assigned with ipv6 address only for few days from my ISP (new firmware uploded and I am back to ipv4)....
Everything except VPNs worked perfectly, so that mean that provider translated ipv6 to ipv4 and vice versa. Testing whatismyip gave back my "alleged" ipv4 address...
So, most of the home users would not even notice it.