Title: How to setup NAT64 and DNS64 on ubuntu Author(s):Yukito Ueno (Keio univ.), Hiroaki Hazeyama (NAIST) Date: 2011-09-21 1. Introduction This document explains the setup procedures on NAT64 and DNS64 on the WIDE camp 1109 autumn. We explain the settings of NAT64 and DNS64 on Ubuntu. We think, these settings would work on other linux distributions. 2. How to setup 2.1 how to setup NAT64 2.1.1 how to get NAT64 implementation (linuxnat64) http://sourceforge.jp/projects/sfnet_linuxnat64/ you can get by following command on git #git clone git://linuxnat64.git.sourceforge.net/gitroot/linuxnat64/linuxnat64 2.1.2 make linuxnat64 - get linux kernel source' header by apt-get - make #apt-get install linux-headers-'uname -r' #cd /linuxnat64/modules/ #make 2.1.3 setting of linuxnat46 - set nexthop of v6/v4 prefix on physical interfaces - at the wide 1109 network, we prepared following prefixes for nat64 2001:200:0:ff99::/96 203.178.159.24/30 - and we set addresses for physical interfaces as follows; 2001:200:0:ff81::37 203.178.158.37 - in cisco, set following static routes; ipv6 route 2001:200:0:FF99::/96 2001:200:0:FF81::37 ip route 203.178.159.24 255.255.255.252 203.178.158.37 - and then load kernel module of linuxnat64 and set the next hop of nat64 prefix to the pseudo interface # insmod /path/to/nat64.ko ipv4_address=203.178.159.25 prefix_address=2001:200:0:ff99:: # ip link set nat64 up # ip -6 route add 2001:200:0:ff99::/96 dev nat64 # ip route add 203.178.159.24/30 dev nat64 - these settings may be written in rc.local 2.2 how to setup DNS64 2.2.1 how to get DNS64 implementation - get source code of bind 9.8 or later version from ISC # wget http://www.isc.org/software/bind/981/download/bind-981targz 2.2.2 make DNS64 - make along with bind's manual 2.2.3 set up - Initially, create configuration files along with the bind manual (allow-recursion, etc.). - Then, add following lines into options field of a named.conf dns64 2001:200:0:ff99::/96 { clients { any; }; mapped { any; }; suffix ::; recursive-only yes; }; - and check the name.conf by named-checkconf. - If the check is passed, then, do rndc reload. - After then, check the DNS64 by setting as your resolver. - If you get 2001:200:0:ff99::xxxx:yyyy as a AAAA record, it would be succeeded. - Also, if ping6 to the ipv6 address got replies, NAT64 would work well, too.