Feature Request - NAT64/DNS64 CGN

andrewe02000 · January 22, 2020, 7:39pm

Please implement NAT64/DNS64 persistent Carrier Grade NAT for those of us that would prefer not to buy a giant A10Networks ThunderCGN.

TAYGA is one open source implementation. http://www.litech.org/tayga/

guipoletto · January 23, 2020, 4:18am

+1!

Some less hacky CGNAT implementation (Stateless?) would be very welcome!

muetzekoeln · May 4, 2020, 3:33pm

+1

see also:
http://forum.mikrotik.com/t/ipv6-and-nat-how-i-changed-my-mind/100481/1
http://forum.mikrotik.com/t/nat64-and-dns64/38531/1
http://forum.mikrotik.com/t/features-request-nat64-dns64/85661/1

Internet-Uplinks going IPv6 only. Small IoT devices stick to IPv4.

platini · April 5, 2021, 6:39pm

+1 for NAT64. I can live with DNS64 on the powerdns recursor

ivantirado · April 5, 2021, 8:21pm

Have you looked at using the web-proxy for this? I haven’t tried it but it seems like it can listen on both V6 and V4.

lake6kn · June 17, 2021, 7:43pm

+1, NAT64 on MikroTik and DNS64 can be done by powerdns or bind

Maybe JooL (GPLv2) can be an interesting option instead of TAYGA to implement NAT64 or SIIT.

sep · August 31, 2021, 5:35pm

jool would be an awesome addition to mikrotik. it would provide essential and critical functionality that is expected of any decent isp router noways.

NAT64
SIIT
MAP-T
NPTv6

It would also provide the important 464XLAT/PLAT CPE functions, that ISP’s are searching for now. CPE support is basically what is stopping most isp’s from going ipv6 only on the last mile.

mikrotik + jool with proper TR069 support, and mikrotik could be the most interesting cpe in the space. instead people flash arm mikrotiks with openwrt to get access to features.

buraglio · September 1, 2021, 2:00pm

+1 for NAT64, NPTv6, SIIT. Very, very useful tools for v6 transitioning and new emerging markets. Having to run a NAT64 off to the side is a painful and operationally expensive measure (not to mention the capital cost associated with the commercial options)

DarkNate · September 1, 2021, 2:21pm

https://www.jool.mx/en/

SirPrikol · October 12, 2021, 4:34pm

+1

In addition to TAYGA, another software for nat64 was found on the Internet

https://www.jool.mx/en/index.html

mducharme · October 13, 2021, 1:02am

Couldn’t you run Jool in Docker now?

jonah1810 · December 7, 2021, 6:59pm

+1 This would be a very handy thing for us to have!

ghostinthenet · December 11, 2021, 2:49pm

Jool uses kernel modules to do its magic, so it’s unlikely. Tayga might be doable in a container.

marrold · December 21, 2021, 11:47am

I’d also love to see NAT64 support, now RouterOS 7 is out it seems like a good opportunity to add it

kalamaja · January 19, 2022, 8:50am

Now that v7.1 is in stable with new IPv6 stack and IPv6 NAT functionality, could you please add also NAT64 functionality?

Movement to NAT64 is clear as Apple has had requirement for this since 2018 for all apps. No need for more complex solutions, these can come later.
It would help much for re-architecting networks as IPv6 becomes mandatory in different countries.
It would make it possible to create and manage IPv6-only networks and save from double work of managing dual-stack.
AWS also recently made big enhancements to it’s products to enable IPv6-only networks and services and also added NAT64 functionality to it’s gateways.
As Mikrotik currently supports only DHCPv6-PD and SLAAC, some solution is needed for more meaningful IPv6 DNS-management.
DNS64 service is already available from CloudFlare and Google, no hurry with this.

OlofL · January 19, 2022, 9:31am

Agree on all points. I would like to add that ipv6 fasttrack is also very much needed!

awonglk · January 30, 2022, 2:27am

+1 to NAT64.
One that will help ipv6 adoption further

kalamaja · June 9, 2022, 12:05pm

Now that there’s new IPv6 stack in place and also NATing features are progressing, how long to also get NATing from IPv6 to IPv4? Very much needed!!

DarkNate · June 9, 2022, 5:46pm

IPv6 NAT is NAT66 and should be avoided completely. The point of IPv6 is to restore end-to-end principle.

NAT64 and it’s better sibling 464xlat are not the same thing as NAT66 aka IPv6 killer:
https://blog.apnic.net/2018/02/02/nat66-good-bad-ugly/

Some people must’ve learnt network engineering from the trash can… Smh

platini · June 20, 2022, 4:01pm

Kind off topic but still useful to answer
There are some cases were NAT66 is useful. Particularly in SoHo enviroments where your service providers assign dynamic IAPDs. In that case. when you can have internal servers and particularly with internal DNS mappings you dont want to have your IP addresses (prefix) suddenly changing and messing up your communications. Been able to always use fd00::/x and been able to address translate 1:1 to the prefix given by your ISP can have a benefits in simplicity. Of course you can say that you can dual home internal servers with private and public addresses too.
Also there are some benefits on firewall rule managements related to those ipaddresses not chaging.
My 2 cents.