Technical data
ServerIron ADX NAT64 Configuration Guide 5
53-1002288-02
Implementation Details
1
DRAFT: BROCADE CONFIDENTIAL
TABLE 2 ICMPv4 to ICMPv6 message translation
NAT64 full size packet handling
NAT64 full size packet handling enables full-sized packets from the IPv4 host to be split into
multiple packets for the IPv6 client. This functionality is needed because an IPv4 header is 20
bytes in length and IPv6 header (along with extension headers if applicable) is greater than or
equal to 40 bytes. If a ServerIron ADX receives a full-sized packet (total length of IPv4 packet
equals to MTU) on IPv4 side, when it translates the IPv4 header to IPv6 header, the total length of
the IP packet may exceed the MTU of the IPv6 side, so this full size packet needs to be split into two
IPv6 fragments. The head fragment size will be equal to the IPV6 side MTU and the non-head
fragment size will be equal to the original packet size minus the first fragment size. After
performing this full size packet handling, the ServerIron ADX sends these two fragments to the IPv6
side host.
NAT64 fragmentation support
NAT64 fragmentation handling enables a ServerIron ADX to convert an IPv4 fragmented packet to
an IPv6 fragment packet and vice-versa. The fragmentation formats are different for IPv4 and IPv6.
For the IPv6 to IPv4 direction, the ServerIron ADX:
• strips off the IPv6 fragment header
• extracts the information stored in it
ICMPv4 Message Type ICMPv6 Message Type
Destination Unreachable ( Type 3)
• net unreachable (code 0)
• host unreachable (code 1)
• protocol unreachable (code 2)
• port unreachable (code 3)
• fragment needed (code 4)
• route fail (code 0)
• unknown dest network (code 1)
• unknown dest host (code 2)
• source host isolated (code 3)
• dest network admin prohibited (code 4)
• dest host admin prohibited (code 0)
• network unreachable for tos (code 1)
• host unreachable for tos (code 2)
• admin prohibit (code 3)
• host precedence violated (code 4)
• precedence cutoff in effect (code )
Destination Unreachable (Type 1)
• no route code (code 0)
• no route code(code 0)
• type - param prob, code - next header
• no port (code 4)
• type - packet too big, code- no route
• not neighbor code (code 1)
• no route code (code 0)
• no route code (code 0)
• no route code (code 0)
• admin prohibited (code 1)
• admin prohibited (code 1)
• no route code (code 0)
• no route code (code 0)
• admin prohibited (code 1)
• admin prohibited (code 1)
• admin prohibited (code 1)
Time Exceeded (Type 3) Time exceeded (Type 11)
• code remains same from ICMP
Parameter Problem (Type 4)
• next header
• any other param prob
Type - Dest Unreachable, code - protocol
unreachable
Type - param prob, code - 0
Echo request (Type 8) Echo request (Type 128
Echo Reply (Type 0) Echo Reply (Type 129)