currently we have a requirement to transition into ipv6 using dual stack.

we have on-site users as well as guest/visitors who will have ipv6 hosts who wants to access the internet to a mixture of ipv4/v6 web servers.

we hired a consultant and he advised the best way is using NAT-PT. i read online with the introduction of IETF-RFC4966 that NAT-PT has been depecrated/obsoleted, and that it's better to use NAT64. Is this true?

any advices or suggestions. many thanks!

Fire your consultant.

_________________
blog.brokennetwork.ca

I 2nd this. Research stateful nat64

Maybe I'm missing the point... But the OP did say dual stack. Why are we talking about NAT at all?

_________________
blog.brokennetwork.ca

I read OP is each location having mixture of ipv4 and ipv6. So if ipv6 hosts need to access ipv4 servers on internet, nat64 is required.

Run dual stack. Don't run any NAT.

_________________
blog.brokennetwork.ca

Yes no nat is needed for dual stack (as long as all clients/apps implement it without bugs) but running dual stack also forces you to support ipv4 network for however long it takes the internet to fully migrate to ipv6. Enabling nat64 does simplify the network addressing and routing. Also not sure of network size but offloading may also be a consideration in future which mostly only supports ipv6.

How do those people get a job, I mean it's the same as I would turn around and say "Well yes I am a brain surgeon"

I couldn't disagree with you more. NAT doesn't simplify anything.

I'm one of those NAT haters, so I doubt very much that you're going to be able to convince me that NAT has any benefits whatsoever. My preferred design choices will always exclude NAT, in any form (though for IPv4 there really isn't any way around standard NAT/PAT).

_________________
blog.brokennetwork.ca

+1 NAT can suck it...

My personal preference is to build out IPv6 support for dual stack from the core outwards to the clients. If anyone recommends NAT right off the bat you should immediately pour hot coffee on their crotch. While it does have its place it should never, ever, ever be the first option.

If your infrastructure and ISP supports full dual stack that is the best option. Roll it out in a controlled manner and you can seamlessly add IPv6 functionality without disrupting your existing IPv4 network.

no NAT

hi guys, me again. this is all new to me..im new to networking also. i've recently been hired by this small company with a small network.

We are a small organization with a need for native dual stack implementation. We have a simple network consisting of a cisco1800 router, a 5505 ASA, a few switches, 2 windows servers, and roughly 30 users (wired & wireless).

There are no hosts inside our network that require to be reached by IPv6 from the outside.

all we want to do ( i think) : a user inside our LAN wants to ping or access an ipv6 server/host to the outside.

we like to go with dual stack mechanism.

i think we have native ipv6 from our ISP. however, i don't believe we have the ipv6 space.

please tell me what i need to do.

your assistance/guidance is greatly appreciated.

Check with the ISP, if thery forward IPv6 then they also should provide the addressing space for you.