Cisco IOS Software Release 12.2(1c)
White Paper
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Cisco Network Address Translation (NAT)
Introduction
The IETF NGTrans working group defined several translation mechanisms to enable communications
between IPv6-only and IPv4-only hosts. One such mechanism is Network Address Translator-Protocol
Translator (NAT-PT), defined in RFC 2766; network administrators already familiar with NAT may
find it useful to ensure coexistence between hosts when native communication cannot be
achieved. The area of application of each mechanism must be well understood, as the protocol does not
represent a generic mechanism that would be universally applicable.
Since IPv6 deployment will be a gradual process, there will be a transitional period, during which
IPv6 hosts will need to communicate with the global Internet, which currently consists mostly of IPv4
hosts. Simply stated, IPv4 and IPv6 nodes will need to coexist and communicate during the
lengthy transition. A strong set of flexible IPv4-to-IPv6 transition and coexistence mechanisms will
be required during this period. In these environments, NAT-PT is the translator that provides the
solution.
NAT-PT is an interoperability solution that does not require any modifications or extra software,
such as dual stacks, to be installed on any end-user host in either the IPv4 or the IPv6 network. It
performs the required interoperability functions within a stub network, making interoperability
between hosts easier to manage and faster to deploy.
NAT-PT provides IPv4/IPv6 protocol translation. It resides within an IP router situated at the
boundary of an IPv4 network and an IPv6 network. By installing NAT-PT between an IPv4 and an IPv6
network, all IPv4 users are given access to the IPv6 network without modification to the local IPv4
hosts (and vice versa). Equally, all hosts on the IPv6 network are given access to the IPv4 hosts
without modification to the local IPv6 hosts. This is accomplished with a pool of IPv4 addresses that
are assigned to IPv6 nodes on a dynamic basis as sessions are initiated across IPv4-IPv6
boundaries. However, NAT-PT must track the sessions it supports, and it mandates that
inbound and outbound datagrams pertaining to a session traverse the same NAT-PT router. In that
sense, NAT-PT inherits many NAT restrictions. Some applications carry network
addresses in their payloads. NAT-PT itself can be application unaware, because it does not snoop the
payload. Such applications therefore require an Application Level Gateway (ALG), an application-specific
agent that allows an IPv6 application to communicate with an IPv4 application and vice versa. An ALG can
work in conjunction with NAT-PT to provide support for such applications.
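The dynamic pool assignment and same-router requirement described above can be seen in a small model. This is an added illustration, not Cisco code or part of the original white paper: the class name, router names and addresses (taken from the documentation ranges 192.0.2.0/24 and 2001:db8::/32) are constructed, and the model tracks one binding per IPv6 host without ports or timers.

```python
import ipaddress

class NatPtTranslator:
    """Simplified model of NAT-PT dynamic address binding (hypothetical names)."""

    def __init__(self, name, v4_pool):
        self.name = name
        self.free = [ipaddress.IPv4Address(a) for a in v4_pool]
        self.v6_to_v4 = {}  # IPv6 source -> IPv4 address on loan from the pool
        self.v4_to_v6 = {}  # reverse lookup used for return traffic

    def outbound(self, v6_src):
        """An IPv6 host opens a session toward IPv4: bind it to a pool address."""
        v6_src = ipaddress.IPv6Address(v6_src)
        if v6_src not in self.v6_to_v4:
            if not self.free:
                raise RuntimeError(f"{self.name}: IPv4 pool exhausted")
            v4 = self.free.pop(0)
            self.v6_to_v4[v6_src] = v4
            self.v4_to_v6[v4] = v6_src
        return self.v6_to_v4[v6_src]

    def inbound(self, v4_dst):
        """Return datagram: translatable only if this router holds the binding."""
        return self.v4_to_v6.get(ipaddress.IPv4Address(v4_dst))

    def release(self, v6_src):
        """Session ended: hand the IPv4 address back to the pool."""
        v4 = self.v6_to_v4.pop(ipaddress.IPv6Address(v6_src))
        del self.v4_to_v6[v4]
        self.free.append(v4)

def demo():
    # Constructed scenario: two border routers, a two-address pool.
    a = NatPtTranslator("router-A", ["192.0.2.1", "192.0.2.2"])
    b = NatPtTranslator("router-B", ["192.0.2.1", "192.0.2.2"])
    out = {}
    v4 = a.outbound("2001:db8::10")
    out["mapped"] = str(v4)
    out["return_via_A"] = str(a.inbound(v4))
    out["return_via_B"] = b.inbound(v4)  # B never saw the session: no state
    a.outbound("2001:db8::11")
    try:
        a.outbound("2001:db8::12")
        out["third_host"] = "mapped"
    except RuntimeError:
        out["third_host"] = "pool exhausted"
    a.release("2001:db8::10")
    out["after_release"] = str(a.outbound("2001:db8::12"))
    return out
```

The return datagram that arrives at router-B is untranslatable because the binding exists only on router-A, and a third IPv6 host cannot reach IPv4 until an earlier session releases its pool address.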