IPv4 over IPv6 tunneling
Implementation
IPv4 over IPv6 tunneling adds an IPv6 header to IPv4 packets so that the IPv4 packets can pass an IPv6 network through a tunnel to realize interworking between isolated IPv4 networks.
Figure 120: IPv4 over IPv6 tunnel
Figure 120 shows the encapsulation and de-encapsulation processes.
Encapsulation:
Upon receiving an IPv4 packet, Device A delivers it to the IPv4 protocol stack.
The IPv4 protocol stack uses the destination address of the packet to determine the egress interface. If the egress interface is the tunnel interface, the IPv4 protocol stack delivers the packet to the tunnel interface.
The tunnel interface adds an IPv6 header to the original IPv4 packet and delivers the packet to the IPv6 protocol stack.
The IPv6 protocol stack uses the destination IPv6 address of the packet to look up the routing table, and then sends it out.
De-encapsulation:
Upon receiving the IPv6 packet from the attached IPv6 network, Device B delivers the packet to the IPv6 protocol stack to examine the protocol type encapsulated in the data portion of the packet.
If the protocol type is IPv4, the IPv6 protocol stack delivers the packet to the tunneling module.
The tunneling module removes the IPv6 header and delivers the remaining IPv4 packet to the IPv4 protocol stack.
The IPv4 protocol stack forwards the IPv4 packet.
Tunnel modes
IPv4 over IPv6 manual tunnel
A point-to-point virtual link and its source and destination IPv6 addresses are manually configured. You can establish an IPv4 over IPv6 manual tunnel to connect isolated IPv4 networks over an IPv6 network.
DS-Lite tunnel
Dual Stack Lite (DS-Lite) is a combination of the tunneling and NAT technologies. NAT translates the private IPv4 addresses of the IPv4 hosts before the hosts reach the IPv4 public network.
DS-Lite tunnel supports only an IPv4 host in a private network initiating communication with an IPv4 host on the Internet. It does not support an IPv4 host on the Internet initiating communication with an IPv4 host in a private network.
Figure 121: DS-Lite tunnel
As shown in Figure 121, the DS-Lite feature contains the following components:
Basic Bridging BroadBand (B4) element
The B4 element is typically a CPE router that connects end hosts. IPv4 packets entering the B4 router are encapsulated into IPv6 packets and sent to the AFTR. IPv6 packets from the AFTR are de-encapsulated into IPv4 packets and sent to the subscriber's network.
Hosts that can act as the B4 router are referred to as DS-Lite hosts.
Address Family Transition Router (AFTR)
An AFTR resides in the ISP network and terminates the tunnel from the B4 router. NAT is also implemented on the interface that is connected to the public IPv4 network.
An AFTR de-encapsulates the tunneled packet, translates the network address, and routes the packet to the destination IPv4 network. For IPv4 packets coming from the public IPv4 network, the AFTR performs address translation and sends them to the B4 router by using the DS-Lite tunnel.
Figure 122: Packet forwarding process in DS-Lite
As shown in Figure 122, the packet forwarding process in DS-Lite is as follows:
Upon receiving a packet from the private IPv4 network, the B4 router adds an IPv6 header to the packet and sends the IPv6 packet to the AFTR through the tunnel.
The AFTR performs the following operations:
Removes the IPv6 header from the tunneled packet.
Assigns a tunnel ID to the B4 router.
Records the mapping between the IPv6 address of the B4 router (the source IPv6 address of the packet), and the tunnel ID.
After de-encapsulation, the AFTR translates the source private IPv4 address of the packet into a public IPv4 address and sends the packet to the destination IPv4 host. The AFTR also maps the NAT entries to the tunnel ID so that IPv4 networks connected to different B4 routers can use the same address space.
Upon receiving the response packet from the public network, the AFTR translates the destination public IPv4 address into the private IPv4 address. The AFTR performs the following operations:
Looks up the IPv6 address-tunnel ID mapping to obtain the IPv6 address of the B4 router.
Uses the address as the destination address of the encapsulated IPv6 packet.
Forwards the packet to the B4 router.
Figure 122 shows an example of PAT translation for dynamic NAT. Typically, dynamic NAT is used. When you use static NAT for DS-Lite tunneling, make sure the IP addresses of private IPv4 networks connected to different B4 routers do not overlap. For more information about NAT, see "Configuring NAT."