Public NAT64 Service

Summary

NAT64 is a transition mechanism to allow IPv6-only hosts to communicate with IPv4-only hosts or servers. Stateful NAT64 is a feature that enable the translation of IPv6 packets to IPv4 packets and vice versa. When used in conjunction with the DNS64 mechanism, IPv6-only hosts can transparently communicate with IPv4-only servers. These mechanisms also enable peer-to-peer communication and interactive-media conversations to operate between the two incompatible network-layer protocols.

The Public NAT64 Service project provides a free, publicly accessible NAT64 and DNS64 service.

Service

IPv6-only hosts can use our DNS64/NAT64 service to enable communication with the IPv4-only internet. This service is intended for demonstrational and experimental uses only and is in no way intended for production and/or for commercial uses. To seamlessly access our service, point your hosts resolver address to 2001:620:2010:141:a01:4120:0:1. Another method consists in creating a static entry in your host's operating system host file, in order to statically resolve an hostname to the IPv4-embedded IPv6 address of our NAT64 translator, see the examples page for more information.

Requirements

In order to use our public NAT64 service, please fill out this registration form. Once the registration process is completed, you will be able to use our recursive name server from your IPv6 network. Also, prior to using our service, the registrant must read and agree with the Acceptable Use Policy.

How does it works ?

By pointing your host's resolver address to our DNS64 name server, every queries to translate a domain name or host name to an IPv6 address are processed as follow:
  1. Our name server process the DNS queries by initiating the resolution process that ultimately leads to the resolution of the asked resources; here the translation of a domain name to an IPv6 address (AAAA resource record).
  2. The name server do the necessary recursive queries up to the authoritative DNS server for the domain name.
  3. When a reply is received by our name server, the following looks for any AAAA records present in the answer section.
    • If a AAAA record is found, the resource or service is natively enabled for IPv6 and the reply is sent without any modification back to the client, as any recursive name server would do.
    • However, if only an A record is found, our name server will synthesize a AAAA record which includes the IPv4-embedded IPv6 address pointing to our NAT64 translator.
  4. Your host will communicate with the IPv6 address present in the DNS reply (AAAA resource record), which is an IPv6 address that is part the NAT64 pool of our translator.
  5. The NAT64 translator will translate the IPv6 packets to IPv4 packets and vice versa, according to the IPv4 address embedded inside the destination address. This process is stateful, which means that a single IPv4 transport address can carry thousands of sessions or flows from the IPv6 network.

Technical details

At this time of writing our Public NAT64 Service is implemented by using the software and network components below.
  • The DNS64 resolver is implemented using BIND version 9. Note: the following only answers to non-authoritative queries from registered IPv6 prefixes (see the requirements section for more information).
  • The NAT64 translator is a Juniper M7i Router running JUNOS 10.4. The translation service is processed in hardware by an Adaptive Service PIC which leverages different ASICs and FPGAs.

Sponsors & Donations.

We accept any contributions from organizations and individuals (e,g. hardware, physical space, network connectivity) that would help us to improve this service.

We would like to thanks the Swiss NREN SWITCH for gracefully providing us the Global IPv6 Connectivity.

Statistics

Getting help and support

If you need help, please contact us by email to . Feel free to address your feedback and/or your suggestions.