Session initiated by an ipv4 host, Nat-pt limitations – H3C Technologies H3C SecPath F1000-E User Manual

3

translated into a valid IPv4 address, the destination IPv6 address is translated into that IPv4 address.

Otherwise, the translation fails.

4.

Forwards the packet and stores the mappings

After the source and destination IPv6 addresses of the packet are translated into IPv4 addresses, the

NAT-PT device forwards the packet to the IPv4 host. Meanwhile, the IPv4/IPv6 address mappings are
stored in the NAT-PT device.

5.

Forwards the reply packet according to the stored mappings

Upon receiving a reply packet from the IPv4 host to the IPv6 host, the NAT-PT device swaps the source

and destination IPv4 addresses according to the stored mappings and forwards the packet to the IPv6

host.

Session initiated by an IPv4 host

The NAT-PT implementation process for a session initiated by an IPv4 host is as follows:

1.

Determines whether to perform NAT-PT or not

Upon receiving a packet from an IPv4 host to an IPv6 host, the NAT-PT device checks the destination IPv4

address in the packet against the static mappings configured on the IPv6 network side. If a match is
found, the device considers that the packet needs to be forwarded to the IPv6 network and NAT-PT needs

to be performed.

2.

Translates the source IP address

The NAT-PT device translates the source IPv4 address of the packet into an IPv6 address according to the

static or dynamic mapping on the IPv4 side. If no mapping is configured on the IPv4 side, the source IPv4

address with the first configured NAT-PT prefix is used as the translated source IPv6 address.

3.

Translates the destination IP address

The NAT-PT device translates the destination IPv4 address of the packet into an IPv6 address according

to the static mapping on the IPv6 side.

4.

Forwards the packet and stores the mappings

After the source and destination IPv4 addresses of the packet are translated into IPv6 addresses, the

NAT-PT device forwards the packet to the IPv6 host. Meanwhile, the IPv4/IPv6 address mappings are
stored in the NAT-PT device.

5.

Forwards the reply packet according to the stored mappings

Upon receiving a reply packet from the IPv6 host to the IPv4 host, the NAT-PT device swaps the source

and destination IPv6 addresses according to the stored mappings and forwards the packet to the IPv4

host.

NAT-PT Limitations

NAT-PT has the following limitations:

•

In NAT-PT translation, the request and response packets of a session must be processed by the same
NAT-PT device.

•

The Options field in the IPv4 packet header cannot be translated.

•

NAT-PT does not provide end-to-end security.

Therefore, NAT-PT is not recommended in some applications. For example, tunneling is recommended in
the case where an IPv6 host needs to communicate with another IPv6 host across an IPv4 network.