The Research And Implementation Of Tunnel Through NAT Gateway In IPv6 Transition Phase

The next generation Internet Protocol (IPv6) has resolved the resource crisis of IP address thoroughly, but it should be tested through experiments for a long time before used in the network largely and It will be a long process in transition from IPv4 to IPv6.During this transition, Network Address Translation (NAT) decreases the needs of IP addresses for our word and gains much valuable time to prefect IPv6. In the phase of transition from IPv4 to IPv6, the most popular technology of communication between IPv6 islands is that the IPv6 packet was encapsulated into IPv4 packet (also IPv6-in-IPv4 tunnel) to be transmitted in existing network. This technology also named IPv6-in-IPv4 tunnel. But the tunnel only is applied to End-to-End model and don't allow a NAT gateway exist between tunnel end. So it is difficult to connect IPv6 network for hosts in domain of NAT. Today, NAT is used widely, this problem undoubtedly increase the difficulty of transition.In this paper, the theories of NAT and tunnel technology are discussed. By experiments, the way that NAT gateway deals with IPv6-in-IPv4 data packets is researched as well as the incompatibility between IPv6-in-IPv4 tunnel and NAT technology;especially NAPT (Network Address Port Translation).Based above study, the idea of double 6to4 domains is introduced. Each host holds an inside local address in micro-domain and an inside global address in macro-domain. After that, the translation between 6to4 inside local address and inside global address is made in macro 6to4 border router so that the hosts in NAT domain can visit outside IPv6 network through 6to4 tunnel easily.When the scenario is designed, a new extended format of 6to4 address is defined to hold the mapping relationship between inside local address and inside global address in source address of the 6to4 packet for reducing the complexity of implementation, which a new IPv4 address is embedded in the last 32 bits of the standard 6to4 address. When the scenario is implemented, the data packets are queued to user space by netfilter/iptables frame in Linux and its address are translated by programming in user space. Finally, the scenario is applied and tested in our school network practically, the difference in time of address translation and throughput between this scenario and NAT based on iptables are compared and analyzed, and the future improvement is discussed.