Documentation > Architectures > SIIT-DC: Dual Translation Mode

SIIT-DC: Dual Translation Mode

Index

  1. Introduction
  2. Sample Network
  3. Configuration

Introduction

This document is a summary of the SIIT-DC: Dual Translation Mode (SIIT-DC-DTM) architecture, and a small walkthrough that builds it using Jool.

SIIT-DC-DTM is an optional improvement over SIIT-DC which adds a mirror translator to inherit the benefits of 464XLAT.

Sample Network

This is the sample architecture from RFC 7756 section 3.2:

Fig.1 - Network Overview

It’s the same as SIIT-DC, except an isolated IPv4 island amidst the IPv6-only Data Centre has been added. ER will revert the translation done by BR so these nodes can seemingly natively communicate with the IPv4 Internet.

You need this if SIIT-DC doesn’t suffice because some application in the Data Centre either doesn’t support NAT (i.e., the lack of end-to-end transparency of IP addresses) or gets a flu whenever IPv6 is around.

This will be the expected packet flow (in addition to the ones in the SIIT-DC Architecture):

Fig.2 - Packet Flow

Configuration

Start from the SIIT-DC configuration and add the following SIIT Jool setup on ER:

sysctl -w net.ipv4.conf.all.forwarding=1
sysctl -w net.ipv6.conf.all.forwarding=1

modprobe jool_siit
jool_siit instance add --netfilter --pool6 2001:db8:46::/96
jool_siit eamt add 198.51.100.0/24 2001:db8:3333::464:0/120

And the new server record on BR:

jool_siit eamt add 192.0.2.2 2001:db8:3333::464:1

Of course, also make sure 2001:db8:3333::464:0/120 is routed towards ER’s IPv6 interface.