Which three statements regarding NAT64 operations are correct?

Which three statements regarding NAT64 operations are correct? (Choose three.)

Which three statements regarding NAT64 operations are correct? (Choose three.)

A.
With stateful NAT64, many IPv6 address can be translated into one IPv4 address, thus
IPv4 address conservation is achieved

B.
Stateful NAT64 requires the use of static translation slots so IPv6 hosts and initiate
connections to IPv4 hosts.

C.
With stateless NAT64, the source and destination IPv4 addresses are embedded in the
IPv6 addresses

D.
NAT64 works in conjunction with DNS64

E.
Both the stateful and stateless NAT64 methods will conserve IPv4 address usage

Explanation:
Stateful NAT64-Network Address and Protocol Translation from IPv6 Clients to IPv4
Servers
Stateful NAT64 multiplexes many IPv6 devices into a single IPv4 address. It can be assumed
that this technology will be used mainly where IPv6-only networks and clients (ie. Mobile
handsets, IPv6 only wireless, etc…) need access to the IPv4 internet and its services.
The big difference with stateful NAT64 is the elimination of the algorithmic binding between
the IPv6 address and the IPv4 address. In exchange, state is created in the NAT64 device for
every flow. Additionally, NAT64 only supports IPv6-initiated flows. Unlike stateless
NAT64, stateful NAT64 does `not’ consume a single IPv4 address for each IPv6 device that
wants to communicate to the IPv4 Internet. More practically this means that many IPv6-only
users consume only single IPv4 address in similar manner as IPv4-to-IPv4 network address
and port translation works. This works very well if the connectivity request is initiated from
the IPv6 towards the IPv4 Internet. If an IPv4-only device wants to speak to an IPv6-only
server for example, manual configuration of the translation slot will be required, making this
mechanism less attractive to provide IPv6 services towards the IPv4 Internet. DNS64 is
usually also necessary with a stateful NAT64, and works the same with both stateless and
stateful NAT64
Stateless NAT64-Stateless translation between IPv4 and IPv6 RFC6145 (IP/ICMP
Translation Algorithm) replaces RFC2765 (Stateless IP/ICMP Translation Algorithm (SIIT))
and provides a stateless mechanism to translate a IPv4 header into an IPv6 header and vice
versa. Due to the stateless character this mechanism is very effective and highly fail safe
because more as a single-or multiple translators in parallel can be deployed and work all in
parallel without a need to synchronize between the translation devices.
The key to the stateless translation is in the fact that the IPv4 address is directly embedded in
the IPv6 address. A limitation of stateless NAT64 translation is that it directly translates only
the IPv4 options that have direct IPv6 counterparts, and that it does not translate any IPv6
extension headers beyond the fragmentation extension header; however, these limitations are
not significant in practice.
With a stateless NAT64, a specific IPv6 address range will represent IPv4 systems within the
IPv6 world. This range needs to be manually configured on the translation device. Within the

IPv4 world all the IPv6 systems have directly correlated IPv4 addresses that can be
algorithmically mapped to a subset of the service provider’s IPv4 addresses. By means of this
direct mapping algorithm there is no need to keep state for any translation slot between IPv4
and IPv6. This mapping algorithm requires the IPv6 hosts be assigned specific IPv6
addresses, using manual configuration or DHCPv6.
Stateless NAT64 will work very successful as proven in some of the largest networks,
however it suffers from some an important side-effect: Stateless NAT64 translation will give
an IPv6-only host access to the IPv4 world and vice versa, however it consumes an IPv4
address for each IPv6-only device that desires translation — exactly the same as a dual-stack
deployment. Consequentially, stateless NAT64 is no solution to address the ongoing IPv4
address depletion. Stateless NAT64 is a good tool to provide Internet servers with an
accessible IP address for both IPv4 and IPv6 on the global Internet. To aggregate many IPv6
users into a single IPv4 address, stateful NAT64 is required. NAT64 are usually deployed in
conjunction with a DNS64. This functions similar to, but different than, DNS-ALG that was
part of NAT-PT. DNS64 is not an ALG; instead, packets are sent directly to and received
from the DNS64’s IP address. DNS64 can also work with DNSSEC (whereas DNS-ALG
could not).



Leave a Reply 0

Your email address will not be published. Required fields are marked *