Postings may contain unverified user-created content and change frequently.

The content is provided as-is and

is not warrantied by Cisco.
1
IPv6 Stateful NAT64 Configuration Example
Introduction Requirements Background Topology Diagram
Summary Steps Configuration Verify Commands Show nat64
mappings static Show nat64 adjacency ipv6 Show nat64 prefix
stateful Show nat64 statistics References

Introduction
Stateful NAT64 is a Network Address Translation mechanism for translating IPv6 addresses
to IPv4 addresses, and IPv4 addresses to IPv6 addresses. Like NAT44, it is called stateful
because it creates or modifies bindings or session state while performing translation.
It supports both IPv6-initiated and IPv4-initiated communications using static or manual
mappings. In this document, stateful NAT64 uses static IPv6 to IPv4 mapping for address
translations.

Requirements
Understanding of IPv6 Addressing Scheme

Understanding NAT64

Background

In this configuration example, routers R1,R2 and R3 are connected via fast Ethernet
interface.Loopback addresses are configured to generate networks.
IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
2
The router R1 is IPv6only router which runs RIPv6 with the ASR (Router R2).Similarly the
router R3 is IPv4 only router that uses OSPF to communicate with the ASR. The network
address translations happen in ASR router using static IPv6 to IPv6 mappings.

Note: All configurations are tested in a lab environment on Cisco 2800 Routers operating on
Cisco IOS 15.2 and ASR operating on Cisco IOS-XE 15.1(3)S4version.

Topology Diagram


IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
3
Summary Steps

NAT64 Interface Configuration
1. ipv6 address <Specify an IPv6 address>
2. nat64 enable
3. exit

NAT64 Mapping Configuration
1. enable
2. configure terminal
3. nat64 prefix stateful <prefix>
Note: The above command enables the router to translate the source IP address to IPv6 by
using the Stateful NAT64 prefix
4. nat64 v6v4 <static> <ipv6-address ipv4-address>
5. exit

Configuration


Router R1
IPv6 Only Router
Router R2
ASR Router
Router R3
IPv4 Only Router
IPv6 Only_Router R1#show
run
Building configuration...

!

ASR Router R2#show run
Building configuration...

IPv4 Only_router R3#show
run
Building configuration...
!
version 15.2
IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
4
version 15.2
!
hostname IPv6 Only_Router R1
!
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
!
interface Loopback0
no ip address
ipv6 address AB00::1/128
ipv6 rip RIP enable
!
interface Loopback1
no ip address
ipv6 address AB01::1/128
ipv6 rip RIP enable
!
interface FastEthernet0/0
duplex auto
speed auto
ipv6 address 2001::A00:A/128
ipv6 rip RIP enable
!
!
ipv6 router rip RIP
!
!
end




!
version 15.1
!
hostname ASR Router R2
!
!
ipv6 unicast-routing
!
!
interface Loopback0
no ip address
ipv6 address BB10::1/128
!
interface Loopback1
ip address 2.2.2.2
255.255.255.255
!
!
interface FastEthernet0/2/6
ip address 10.0.0.2
255.255.255.0
negotiation auto
nat64 enable
!
interface FastEthernet0/2/7
no ip address
negotiation auto
ipv6 address
2001::A00:B/128
ipv6 rip RIP enable
ipv6 rip RIP default-
information only
nat64 enable
!
hostname IPv4 Only_router
R3
!
ip cef
ipv6 unicast-routing
ipv6 cef
multilink bundle-name
authenticated
!
!
!
interface Loopback0
ip address 1.1.1.1
255.255.255.255
!
interface Loopback1
ip address 1.1.1.2
255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.0.1
255.255.255.0
duplex auto
speed auto
!
!
router ospf 1
network 1.1.1.1 0.0.0.0
area 1
network 1.1.1.2 0.0.0.0
area 0
network 10.0.0.0 0.0.0.255
area 0
IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
5



!
!
router ospf 1
network 2.2.2.2 0.0.0.0
area 1
network 10.0.0.0 0.0.0.255
area 0
!
!
ipv6 router rip RIP
!
!
!
nat64 prefix stateful
3001::/96
nat64 v6v4 static
2001::A00:A 10.0.0.10
!
end
!
!
end











Verify Commands

Verifying Connectivity Using Ping Command

To verify whether the router R3 (IPv4 only network) is able to reach the router R1(IPv6 only
network), use the ping command and verify the translations that happen by debug ipv6
icmp.

IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
6
In router R3

Try ping router R1(IPv6 only network)which is represented by the IPv4 address 10.0.0.10.
Enable debug ip icmp on router R3 and in router R1(IPv6 only network) enable debug ipv6
icmp

R3#debug ip icmp
ICMP packet debugging is on

R1#debug ipv6 icmp
ICMP Packet debugging is on

R3#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

R3#
*Sep 8 09:56:22.451: ICMP: echo reply rcvd, src 10.0.0.10, dst 10.0.0.1, topology
BASE, dscp 0 topoid 0
*Sep 8 09:56:22.451: ICMP: echo reply rcvd, src 10.0.0.10, dst 10.0.0.1, topology
BASE, dscp 0 topoid 0
*Sep 8 09:56:22.455: ICMP: echo reply rcvd, src 10.0.0.10, dst 10.0.0.1, topology
BASE, dscp 0 topoid 0
*Sep 8 09:56:22.459: ICMP: echo reply rcvd, src 10.0.0.10, dst 10.0.0.1, topology
BASE, dscp 0 topoid 0
*Sep 8 09:56:22.459: ICMP: echo reply rcvd, src 10.0.0.10, dst 10.0.0.1, topology
BASE, dscp 0 topoid 0
IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
7

R1#
*Sep 8 10:48:51.499: ICMPv6: Received echo request, Src=3001::A00:1,
Dst=2001::A00:A
*Sep 8 10:48:51.499: ICMPv6: Sent echo reply, Src=2001::A00:A, Dst=3001::A00:1
*Sep 8 10:48:51.503: ICMPv6: Received echo request, Src=3001::A00:1,
Dst=2001::A00:A
*Sep 8 10:48:51.503: ICMPv6: Sent echo reply, Src=2001::A00:A, Dst=3001::A00:1
*Sep 8 10:48:51.507: ICMPv6: Received echo request, Src=3001::A00:1,
Dst=2001::A00:A
*Sep 8 10:48:51.507: ICMPv6: Sent echo reply, Src=2001::A00:A, Dst=3001::A00:1
*Sep 8 10:48:51.511: ICMPv6: Received echo request, Src=3001::A00:1,
Dst=2001::A00:A
*Sep 8 10:48:51.511: ICMPv6: Sent echo reply, Src=2001::A00:A, Dst=3001::A00:1
*Sep 8 10:48:51.511: ICMPv6: Received echo request, Src=3001::A00:1,
Dst=2001::A00:A
*Sep 8 10:48:51.515: ICMPv6: Sent echo reply, Src=2001::A00:A, Dst=3001::A00:1

From the above debug output, you can see that the router R3(IPv4 only Router) is able to
reach the router R1(IPv6 only router) using the static IPv4 address that we have assigned
i.e.using 10.0.0.10

Similarly the router R1(IPv6 only router) debug output shows that the ICMP request is
received from 3001::A00:1 which is nothing but the IPv4 address 10.0.0.1 when converted
to hexadecimal becomes A00:1 and is added to the prefix 3001::/.In other words the IPv4
address 10.0.0.1 is translated to 3001::A00:1 when reaching the IPv6 enabled network.

The following show commands can be used to see NAT64 translations that happen in ASR
router

IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
8
Show nat64 mappings static

To display the information about the Network Address Translation 64 (NAT64) static
mappings, use this command.
ASR Router R2#show nat64 mappings static
Static mappings configured: 1
Direction Protocol Address (Port, if any)
Non-key Address (Port, if any)
v6v4 --- 2001::A00:A
10.0.0.10
Show nat64 adjacency ipv6
This command displays the information about the Network Address Translation 64 (NAT64)
managed adjacencies.

ASR Router R2#show nat64 adjacency ipv6

Adjacency Counts

Stateless Prefix Adjacencies: 0
Stateless Prefix Adjacency Ref Count: 0
v4v6 Stateless Prefix Adjacencies: 0
v4v6 Stateless Prefix Adjacency Ref Count: 0
v6v4 Stateless Prefix Adjacencies: 0
v6v4 Stateless Prefix Adjacency Ref Count: 0
IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
9
Stateful Prefix Adjacencies: 1
Stateful Prefix Adjacency Ref Count: 1
IPv6 Well-Known Prefix Adjacencies: 1
IPv6 Well-Known Prefix Adjacency Ref Count: 1
IPv6 Static Mapping Adjacencies: 0
IPv6 Static Mapping Adjacency Ref Count: 0
IPv4 Route Adjacencies: 0
Adjacencies

Stateful Prefix: ::100.0.0.1
IPv6 Well-Known Prefix: ::100.0.0.2
IPv6 Stateful Mask: ::100.0.0.0

Show nat64 prefix stateful

Using this command, you can check the information about Network Address Translation 64
(NAT64) stateful prefixes. Global prefixes, nat64 configured intrerfaces and prefix static-
routes will be displayed.

ASR Router R2#show nat64 prefix stateful global (Displays the global prefixes)

Global Stateful Prefix: is valid, 3001::/96
IFs Using Global Prefix
Fa0/2/6
Fa0/2/7

IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
10
ASR Router R2#show nat64 prefix stateful static-routes (Displays the static-routes)
Stateful Prefixes
NAT64 Prefix
Static Route Ref-Count
3001::/96
1

ASR Router R2#show nat64 prefix stateful interfaces (Displays the nat64 enabled
interfaces)
Stateful Prefixes

Interface
NAT64 Enabled Global Prefix

FastEthernet0/2/6
TRUE TRUE 3001::/96
FastEthernet0/2/7
TRUE TRUE 3001::/96

Show nat64 statistics

To display Network Address Translation 64 (NAT64) packet count statistics use this
command

ASR Router R2#show nat64 statistics
IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
11
NAT64 Statistics
Total active translations: 1 (1 static, 0 dynamic; 0 extended)
Sessions found: 142
Sessions created: 16
Expired translations: 16
Global Stats:
Packets translated (IPv4 -> IPv6)
Stateless: 0
Stateful: 79
Packets translated (IPv6 -> IPv4)
Stateless: 0
Stateful: 79
Interface Statistics
FastEthernet0/2/6 (IPv4 configured, IPv6 not configured):
Packets translated (IPv4 -> IPv6)
Stateless: 0
Stateful: 79
Packets translated (IPv6 -> IPv4)
Stateless: 0
Stateful: 0
Packets dropped: 0
FastEthernet0/2/7 (IPv4 not configured, IPv6 configured):
Packets translated (IPv4 -> IPv6)
Stateless: 0
Stateful: 0
Packets translated (IPv6 -> IPv4)
Stateless: 0
Stateful: 79
Packets dropped: 0
Dynamic Mapping Statistics
v6v4
IPv6 Stateful NAT64 Configuration Example
Postings may contain unverified user-created content and change frequently. The content is provided as-is and
is not warrantied by Cisco.
12
References

NAT64 Technology: Connecting IPv6 and IPv4 Networks
NAT64Stateless versus Stateful
Stateful Network Address Translation 64
Stateless IPv6 NAT64 Configuration
IP Version 6 (IPv6) - Cisco Systems
Cisco IOS IPv6 Command Reference
IPv6 - Frequently Asked Questions
Routing Information Protocol