NAT64 handoff server

This is an open source implementation of the server side of the NAT64 handoff protocol.

By running this server on the host where your IPv4-reachable services are hosted, you get a couple of advantages when your services are accessed by clients using a NAT64 which implements the NAT64 handoff extension. Clients connecting to your server through any other means will be unaffected by the NAT64 handoff server, and such clients will continue communicating with your services as usual.

Logging

The NAT64 handoff server will log each connection tracking entry being created as well as each connection tracking entry being deleted to make room for new entries. Here is an extract showing what that log could look like:

2019-03-18 10:06:28.436754 Initialized 192.0.2.7
2019-03-18 10:06:28.491727 Created 192.0.2.7:3719 [2001:db8::17]:53186
2019-03-18 10:07:07.333900 Created 192.0.2.7:12191 [2001:db8::3]:53716
2019-03-18 11:41:06.362189 Created 192.0.2.7:28965 [2001:db8::5]:41660
2019-03-18 15:22:02.062254 Deleted 192.0.2.9:47102 [2001:db8::75]:33131
2019-03-18 15:22:02.062478 Created 192.0.2.9:47102 [2001:db8::55]:34643

In the above example we see a NAT64 with IP address 192.0.2.7 establishing a connection to the server, after which three connections are established through that NAT64 from three different IPv6 addresses. Later we see two log entries written when a connection from a NAT64 with IP address 192.0.2.9 is deleted to make room for a new connection through the same NAT64 from a different IPv6 address. The deleted connection tracking entry in the above example was created on an earlier date and may have been unused for a long time by the time it was eventually deleted.
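Because each entry pairs an IPv4 address and port with the IPv6 client behind it, the log can answer which client held a given IPv4 address and port at a given time, and which entries were deleted to make room for new ones. The following Python is an added example, not part of the NAT64 handoff server; it assumes the log is in chronological order and uses exactly the line format of the extract above, and the names parse, client_at and evictions are hypothetical.

```python
import re
from datetime import datetime

TS_FMT = "%Y-%m-%d %H:%M:%S.%f"
# Constructed sample: the log extract shown above.
SAMPLE_LOG = """\
2019-03-18 10:06:28.436754 Initialized 192.0.2.7
2019-03-18 10:06:28.491727 Created 192.0.2.7:3719 [2001:db8::17]:53186
2019-03-18 10:07:07.333900 Created 192.0.2.7:12191 [2001:db8::3]:53716
2019-03-18 11:41:06.362189 Created 192.0.2.7:28965 [2001:db8::5]:41660
2019-03-18 15:22:02.062254 Deleted 192.0.2.9:47102 [2001:db8::75]:33131
2019-03-18 15:22:02.062478 Created 192.0.2.9:47102 [2001:db8::55]:34643
"""
ENTRY = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d{6}) (?P<event>Created|Deleted) "
    r"(?P<v4>\d+\.\d+\.\d+\.\d+):(?P<v4port>\d+) \[(?P<v6>[0-9a-fA-F:]+)\]:(?P<v6port>\d+)$"
)

def parse(log_text):
    """Yield (timestamp, event, (ipv4, port), (ipv6, port)) for Created/Deleted lines."""
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # "Initialized" lines and anything unrecognised are skipped
            ts = datetime.strptime(m["ts"], TS_FMT)
            yield ts, m["event"], (m["v4"], int(m["v4port"])), (m["v6"], int(m["v6port"]))

def client_at(log_text, ipv4, port, when):
    """Return the IPv6 (address, port) that held ipv4:port at time `when`, or None."""
    cutoff, owner = datetime.strptime(when, TS_FMT), None
    for ts, event, v4, v6 in parse(log_text):
        if ts > cutoff:  # relies on the assumed chronological order
            break
        if v4 == (ipv4, port):
            owner = v6 if event == "Created" else None
    return owner

def evictions(log_text):
    """Return (ipv4 endpoint, evicted client, new client) for each Deleted entry
    whose IPv4 endpoint is taken over by a later Created entry."""
    pending, found = {}, []
    for _, event, v4, v6 in parse(log_text):
        if event == "Deleted":
            pending[v4] = v6
        elif v4 in pending:
            found.append((v4, pending.pop(v4), v6))
    return found
```

A lookup returns None when the entry's creation lies outside the supplied log text, as is the case for the deleted entry in the extract, so older log files have to be included for lookups that reach back further.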

More reliable service

When the NAT64 handoff protocol is not being used, all of the clients using the same NAT share connection table space on that NAT. This means there is a limit on how long a connection can be idle before the NAT has to discard the connection tracking entry to make room for a new entry.

When you install this NAT64 handoff server it will take over responsibility for the connection tracking. It will create a connection table with room for 64508 entries which are dedicated to connections between that NAT64 and your server. The clients will no longer have to share table space with clients of other services.

As an added benefit, connections persist even when the NAT64 is rebooted. Because this server holds the authoritative connection table and the NAT64 only keeps a cache of recently active connections, the NAT64 can receive other connections from the server after it has been rebooted.

Installing

In order to install the NAT64 handoff server you can type these commands:

  hg clone https://v6tools.kasperd.dk/nat64handoff
  cd nat64handoff
  sudo ./install.sh

This will create a user named nat64ho and download the server to that user's home directory. It will create a systemd service to run this server as the nat64ho user, and it will install the latest updates for the server each time it is restarted. Logs will be in /home/nat64ho/logs.

This server is tested on Ubuntu LTS 18.04. The server works on older Ubuntu versions as well, but has to be installed manually there because install.sh requires at least 18.04. The server is written in Python 3 and should be reasonably portable across other operating systems. I am happy to accept pull requests to improve portability, packaging, or any other aspect of the server.
