I like the idea of global anycast NAT64 gateways.

Maybe we shouldn't invent another prefix for it.

https://datatracker.ietf.org/doc/draft-matolin-global-nat64-anycast/

#ipv6 #ipv6only (public) #nat64

Global Anycast NAT64 Well-Known Prefix

This document defines a globally routable, anycast NAT64 service using the IPv6 prefix 2600:6464::/96 as a standardized translation substrate for IPv6-to-IPv4 connectivity. The goal of this specification is to eliminate per-network NAT64 configuration complexity by introducing a single globally consistent NAT64 translation prefix operated as a distributed anycast service by participating Internet Service Providers, cloud providers, and content delivery networks. The model assumes an IPv6-only client environment with mandatory IPv4 reachability via NAT64 translation. IPv4-only services remain reachable without modification. IPv4 is not modified. IPv6 is not modified. Only translation placement and routing semantics are standardized.

This document defines:

* A globally shared NAT64 prefix (2600:6464::/96)
* Anycast-based NAT64 edge behavior
* Stateless IPv6-to-IPv4 synthesis rules
* Optional reverse mapping constraints (IPv4->IPv6 blocked)
* Operational requirements for participating networks

This long weekend I once again took some time to tinker with my home network and fire up the #RaspberryPi again. #IPv6mostly was my test area this time. With CoreDNS, Tayga and the KEA DHCP server, the whole thing eventually worked quite well. I was surprised how much the AI (Gemini here) could help and put together a tutorial for a rather specialized topic. After a bit of tinkering it did work in the end. #DNS64 #NAT64
Look ma, no IPv4. 🙂
#nat64 #ipv6
[RFC net-next 00/15] Introducing ipxlat: a stateless IPv4/IPv6 translation device

Jool (stateful and stateless), NAT46 (OpenWRT only), CLAT with eBPF, now ipxlat within the kernel, tayga outside....

I am getting confused.

#nat64 #linux

#1107302 - New upstream fork - Debian Bug report logs

Nice! NAT64 in action, my IPv6-only jail can successfully talk with GitHub. No tayga, just the new "af-to" feature that the "pf" firewall got in 15.0-RELEASE:

pass in quick on bastille0 inet6 from $jail_net to 64:ff9b::/96 \
af-to inet from ($ext_if) keep state

This is genuinely nice! 🙂

#freebsd #networking #pf #nat64 #ipv6

@T_X @axx I made the switch to #NAT64-only on the default network of #FOSDEM 13(?) years ago. It broke So. Much. Stuff.

I knew the former maintainer of the network tooling from the Linux Kernel Summit, and ran into him by chance that year. #Ubuntu was completely broken on NAT64-only, it did not even bring up the network interfaces, and we sent people who came to the NOC to their booth.

I also sent that former maintainer over there.

They fixed things very quickly.

Now that our IPv6-mostly setup is finally running reasonably smoothly, our NAT64 servers have regularly been hitting the limit of the connections they can translate.

We have therefore added 8 more IPv4 addresses per server to our pool.
Since these addresses are used exclusively for NAT64, the capacity increases to almost 10 times what it was.

So even at peak times there is now more than enough headroom, and you can keep browsing without any problems!

#IPv6mostily #ipv6 #nat64

pf: make af-to less magical