Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Stay with IPv4 internally

Reply
Thread Tools

Stay with IPv4 internally

 
 
eaglesix
Guest
Posts: n/a
 
      02-09-2011
Since we use a firewall that uses NAT between our network and the
router to our ISP is it possible that we could have the router use
IPv4 on the inside interface and IPv6 on the outside?

We have roughly 300 machines inside the network which would be a
challenge to set to IPv6.
 
Reply With Quote
 
 
 
 
Lutz Donnerhacke
Guest
Posts: n/a
 
      02-10-2011
* eaglesix wrote:
> Since we use a firewall that uses NAT between our network and the
> router to our ISP is it possible that we could have the router use
> IPv4 on the inside interface and IPv6 on the outside?


That's called "NAT-PT" and it is a horrible bad idea. IPv6 and IPv4 are
completly different worlds like railways and streets.

NAT-PT is a motorrail/auto train from the ipv6 perspective. From the IPv4
perspective NAT-PT is so ugly, that we do not have a real world example for.
Besides it's feels like an "office boy": You ask always the same person to
do the work for you

> We have roughly 300 machines inside the network which would be a
> challenge to set to IPv6.


You lost about five to ten years, so hurry up!
 
Reply With Quote
 
 
 
 
Sam Wilson
Guest
Posts: n/a
 
      02-10-2011
In article <(E-Mail Removed)-jena.de>,
Lutz Donnerhacke <(E-Mail Removed)> wrote:

> * eaglesix wrote:
> > Since we use a firewall that uses NAT between our network and the
> > router to our ISP is it possible that we could have the router use
> > IPv4 on the inside interface and IPv6 on the outside?

>
> That's called "NAT-PT" and it is a horrible bad idea. IPv6 and IPv4 are
> completly different worlds like railways and streets.
>
> NAT-PT is a motorrail/auto train from the ipv6 perspective. From the IPv4
> perspective NAT-PT is so ugly, that we do not have a real world example for.
> Besides it's feels like an "office boy": You ask always the same person to
> do the work for you


NAT-PT has been deprecated and other mechanisms (NAT64/DNS64) are
preferred. To me NAT64 is just as horrible but probably works better,
for some value of "better".

> > We have roughly 300 machines inside the network which would be a
> > challenge to set to IPv6.

>
> You lost about five to ten years, so hurry up!


I've been watching IPv6 for 15 years now and it's still not ready. The
bickering between RA vs DHCPv6 or PI vs PA addressing is inexcusable at
this stage.

Sam
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Stay with IPv4 internally bod43 Cisco 2 02-17-2011 02:32 AM
ipv6 - ipv4 nat-pt just not translating Yamin Cisco 0 06-29-2004 08:36 PM
Cisco IOS Interface Blocked by IPv4 Packets upgrade problem John Cisco 3 07-25-2003 03:38 PM
Re: CERT Advisory CA-2003-15 Cisco IOS Interface Blocked by IPv4 Packet Alan Lee Cisco 16 07-23-2003 06:22 PM
BUG | Question ? | Test | Cisco IOS Interface Blocked by IPv4 Packet Markus Zielonka Cisco 1 07-18-2003 11:44 AM



Advertisments