Configuring the dns64 function of aft, Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual

74

Configuring the DNS64 function of AFT

Network requirements

•

SecPath C is in an IPv4 network and has an IPv4 address of 4.4.4.2 and a domain name of

SecPathC.com.

•

SecPath A is in an IPv6 network and has an IPv6 address of 6::2.

•

The DNS server is in the IPv4 network and has an address of 3.3.3.5. The DNS server has the
mapping between SecPathC.com and 4.4.4.2.

SecPath A wishes to visit SecPath C through domain name SecPathC.com.
To meet the requirements, perform the following configurations:

•

On SecPath B, enable AFT, and configure a DNS64 prefix and a 6to4 AFT policy because the
address of SecPath A is not an IVI address.

•

Enable dynamic domain name resolution on SecPath A and specify the IPv6 address of the DNS
server (2000:0:303:305::, which is translated from IPv4 address 3.3.3.5).

Figure 63 Network diagram

Configuration procedure

1.

Configure SecPath B (the AFT):
# Enable IPv6.

system-view

[SecPathB] ipv6

# Configure IP addresses for the interfaces and enable AFT on the interfaces.

[SecPathB] interface GigabitEthernet 0/1

[SecPathB-GigabitEthernet0/1] ipv6 address 6::1/64

[SecPathB-GigabitEthernet0/1] aft enable

[SecPathB-GigabitEthernet0/1] quit

[SecPathB] interface GigabitEthernet 0/2

[SecPathB-GigabitEthernet0/2] ip address 4.4.4.1 24

[SecPathB-GigabitEthernet0/2] aft enable

[SecPathB-GigabitEthernet0/2] quit

[SecPathB] interface GigabitEthernet 0/3

[SecPathB-GigabitEthernet0/3] ip address 3.3.3.1 24

[SecPathB-GigabitEthernet0/3] aft enable

[SecPathB-GigabitEthernet0/3] quit

# Configure the DNS64 prefix.

SecPath A

SecPath B

SecPath C

GE0/1
6::2/64

GE0/1

6:0:/64

GE0/2
4.4.4.1/24

GE0/1

4.4.4.2/24

IPv6 network

IPv4 network

3.3.3.5/24

DNS server

GE0/3
3.3.3.1/24