Difference between revisions of "Static:NAT64"

From 34C3_Wiki
Jump to: navigation, search
m (1 revision imported)
(Blanked the page)
Line 1: Line 1:
The world supply of IPv4 addresses is nearing depletion. We were trying different approaches during the last couple of European hacker events. Last  year we ran a combination of [https://www.nonattached.net/ratools/index.html ratools] and a [http://www.a10networks.com/ A10 Networks] box.
This year we run a modified prototype of [http://www.sixfw.com SixFw]. It is work in progress and evolves during congress. So make sure to check out the NAT64 at different times during congress.
To get used to the future and gain some experience with how it may soon feel, ports 1-4 on each switch function as "NAT64/DNS64" ports. Your operating system will need to support native IPv6.
Some details:
* Nameserver addresses changed! (Tue 27 Dec 12:47, Day 1)
** On wired network please use: 2001:67c:20a1:3010::64
** On wireless network please use: 2001:67c:20a1:3020::64
** Nameservers are also distributed via router advertisement and dhcpv6 (currently unstable)
* Your OS must accept route information via router advertisement up to a prefix length of /96
** /proc/sys/net/ipv6/conf/<INTERFACE>/accept_ra_rt_info_max_plen
** e.g. "echo 96 > /proc/sys/net/ipv6/conf/eth0/accept_ra_rt_info_max_plen"
== Technology ==
For a complete explanation of NAT64/DNS64 please consult [http://en.wikipedia.org/wiki/NAT64 the NAT64 Wikipedia page].
== NAT64 over WiFi ==
Just connect to SSIDs '''{{XC3}}''' or '''{{XC3}}-legacy''' using username '''nat64''' and password '''nat64''' and you will be dropped into the NAT64 network. Using this credentials does not affect the encryption, it is as (in)secure as always!
== Experiences ==
Please share your experiences [[NAT64-experiences|in the wiki]] or via [https://www.twitter.com/c3noc Twitter]! What did you like? What did not work?

Latest revision as of 21:16, 9 November 2017