NAT64 Operational Considerations draft-chen-v6ops-nat64-cpe-03.txt - - PowerPoint PPT Presentation
NAT64 Operational Considerations draft-chen-v6ops-nat64-cpe-03.txt IETF 82- Taipei, Nov 2011 Gang Chen (chengang@chinamobile.com) Qibo Niu(niu.qibo@zte.com.cn) Changes since IETF#81 (-02 to -03) Added different deployment considerations
draft-chen-v6ops-nat64-cpe-03.txt IETF 82- Taipei, Nov 2011
PC HG ONU/SW OLT/SW BRAS DNS64 NAT64 DNS PPPoEv6/IPoEv6 SLAAC/DHCPv6 DNS query(AAAA/A) DNS Response (A) DNS Response(synthesized AAAA) IPv4 Server DNS query(AAAA)
n Implementation: Standalone CGN VS Embedded CGN (BNG, Aggregation Router or PGW) n CGN location: centralized deployment VS distributed deployment; n Performance: Traffic throughout, concurrent sessions and session rate of IDC CGN and Internet CGN is related with WEB traffic and Subscriber scale respectively, n Reliability: NAT64 session + Filter/Mapping mode should be synchronized between Master and backup CGN n Service Richness: FTP, SIP, DNS64, RSTP, H.323, SCCP, PPTP and so on; n Security: Lawful interception (ETSI CC IIF) and user traceability for Legal Entity; TCP tracking, uRPF, blacklist and Mapping/Filter mode for CGN security; n Other requirements: Load Balancer, PCP server and subscriber policy (similar to BNG)
IPv6 Network IPv4 Internet
PC PC
IPv6 Internet
NAT64-CE NAT64-CE Enterprise Network Residential Network
n DNS resolving: static AAAA records can be added directly in authoritative DNS n Service Richness: VPN, P2P, Web (Office automation), FTP n Reliability: Standalone NAT64 deployment n Security: IPsec VPN may need to be deployed to prevent privacy invasion n Service Richness: VPN, P2P, Web (Office automation), FTP Other requirements: PCP proxy functionalities n Reliability: Standalone NAT64 deployment n Security: IPsec VPN may need to be deployed to prevent privacy invasion n Other requirements: PCP proxy functionalities
IPv6 Internet IPv4 Network