1 / 4

F5 CGN Approach

F5 CGN Approach. Integrated large scale NAT and IPv6 interworking solution. Current Internet stays IPv4 but new networks are IPv6. Firewalls. DNS. IPv4 Internet/ n etwork. IPv6 h andsets. DNS64. IPv6 GW. IPv6 d evices. IPv6 Internet/ n etwork. IPv4 GW. IPv4 l egacy d evices.

annis
Download Presentation

F5 CGN Approach

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. F5 CGN Approach

  2. Integrated large scale NAT and IPv6 interworking solution Current Internet stays IPv4 but new networks are IPv6 Firewalls DNS IPv4 Internet/ network IPv6 handsets DNS64 IPv6 GW IPv6 devices IPv6 Internet/ network IPv4 GW IPv4 legacy devices NAT64/NAT44 Highly scalable NAT & IPv6 GW services at 1/3 the cost of traditional firewall solutions Solution • CoordiNATion of NAT64 and DNS64 • Intelligently offloads network firewall functions • Reduce TCO for interworking • Smooth migration to a IMS infrastructure

  3. LTM Providing NAT64 & DNS64 Gateway Function NAT64 Forwarding / mapping Virtual 5. LTM transforms v6 address to v4 addresses for outgoing 1. Client sends DNS query www.server.com IPv6 Client v6 VS 6. LTM maps and transforms v4 addresses to v6 for return traffic 4. Client sends traffic to AAAA address 2. LTM sends AAAA & A Queries to DNS v4 Internet / Network www.server.com (AAAA) www.server.com (A) v4 DNS v6 DNS 3b. If only v4 DNS A record returned, LTM adds 96 bit prefix to A record and returns AAAA to client 3a. If v6 DNS then AAAA record returned to client as usual DNS64

  4. Network Access services – IPv6 • NAT64 • Session management • Applications open more concurrent tcp connections • Users needs to be NATted behind same ip • Only 64k ports per IP – millions of users needs to be mapped behind a range of IPs. • High speed logging (compliance) • DNS64: • DNS request management • IPv6 client requests IPv4 only resource • DNS response management • IPv4 only resource isNAT’ed to IPv6 address and coordiNATed wth DNS reply • NAT46 and DNS46 is needed as well

More Related