IPv6 Deployment Scenarios Part 2: Dual-stack RFC1918 IPv4 and IPv6

Posted by

In the last post we discussed using NAT64 for IPv6-only clients to reach both the IPv6 and IPv4 Internet. Supporting both IPv6 and IPv4 is a struggle and will continue to be a struggle. In this article I’ll be demonstrating a scenario where the client is running dual-stack with a public v6 address and an RFC1918 v4 address using NAT. This will give a good base for verifying v6 and v4 connectivity without a lot of hassle.

Here is the basic network that I built in the lab:

I made use of Google’s public DNS servers at and These servers return both A and AAAA records if they are available. For sites that return AAAA records the client would connect via IPv6 and for sites with just A records the client would connect via IPv4.
Here are various DNS lookups. I had to set type=AAAA to see the IPv6 DNS records, but after that things started to make a little more sense.
C:Documents and Settingsmpreath.CCIDOMAIN>nslookup
Default Server:  google-public-dns-a.google.com
> google.com
Server:  google-public-dns-a.google.com
Non-authoritative answer:
Name:    google.com
> ipv6.google.com
Server:  google-public-dns-a.google.com
Non-authoritative answer:
Name:    ipv6.google.com
> set type=AAAA
> ipv6.google.com
Server:  google-public-dns-a.google.com
Non-authoritative answer:
ipv6.google.com canonical name = ipv6.l.google.com
ipv6.l.google.com       AAAA IPv6 address = 2001:4860:800b::93
> ipv6.netflix.com
Server:  google-public-dns-a.google.com
Non-authoritative answer:
ipv6.netflix.com        AAAA IPv6 address = 2620:0:ef0:13::20
The router facing the client computer was configured with both IPv6 address, IPv4 addresses, and IPv4 NAT.  The configuration was relatively short, but here are the import points:
IPv6 + IPv4 public on upstream interface:
interface FastEthernet0/0
ip address XX.YY.56.251
ip nat outside
duplex auto
speed auto
ipv6 address XXXX:YYYY::6/126
IPv6 + IPv4 private on customer facing interface:
interface FastEthernet0/1
ip address
ip nat inside
duplex auto
speed auto
ipv6 address XXXX:YYYY:0:1E0::1/64
ip nat inside source list 101 interface FastEthernet0/0 overload
access-list 101 permit ip any
For the border router there was already IPv4 peering configured so IPv6 BGP peering had to be added. This was a pretty simple process once we had it worked out with our upstream IPv6 provider.
IPv6 on upstream interface:
interface GigabitEthernet2/6
ipv6 address XXXX:YYYY:0:42::2/126
IPv6 + IPv4 on downstream interface:
interface GigabitEthernet2/27
ip address XX.YY.56.249
duplex auto
speed auto
ipv6 address XXXX:YYYY::5/126
BGP peering:
router bgp XXXXX
neighbor XXXX:YYYY:0:42::1 remote-as YYYY
neighbor XXXX:YYYY:0:42::1 prefix-list in
neighbor XXXX:YYYY:0:42::1 prefix-list out
address-family ipv6
no synchronization
network XXXX:ZZZZ::/32
network XXXX:ZZZZ:8::/48
neighbor XXXX:YYYY:0:42::1 activate
neighbor XXXX:YYYY:0:42::1 route-map in
neighbor XXXX:YYYY:0:42::1 route-map out
I did IPv6 verification to http://whatismyv6.com/
This showed my proper global v6 address and then did an IPv4 only test.
which showed my correct v4 public address.
The dual-stack testing went well with minimal troubles.  I had to troubleshoot an v6 route issue in our border router and enable IPv6 in Windows XP.  Once those items were resolved I had no trouble accessing sites via v6 and v4.
The next lab project I will be doing is a NAT64 demo with an IPv6 only client.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s