0

We have only 5 usable static IPv4 IPs and many IPv6 static IPs. We want Multiple nodes/pc to be connected with Internet using nating/router because we have limited number of IPs. We would still want few nodes with static public IPv4 IPs. All nodes should have public IPv6 IPs.

Gateway <==> Router <==> Switch <==> Multiple Nodes

Router is directly connected with Gateway.
IPv4 with nating works perfectly in above case. 

Gateway <==> Switch <==> Multiple Nodes

No router involved, switch directly connected with gateway.
IPv6 works perfectly
IPv4 also works if each node is assigned one static IP address. 

Gateway <==> Switch <==> Multiple Nodes  
               ^
               ||
             Router

Gateway is directly connected with switch. Router (Both WAN & LAN) are connected with switch. In this case Internet works for few seconds and then it get's stuck.

I thought it would allow me to nat using router and simultaneously allow me to bind nodes with IPv6 IPs and few other nodes with IPv4 public IPs.

when I try to ping a host I get "Destination Host Unreachable"
How can I meet my requirements?

====UPDATE 1==== For testing we are assigning static Public IPs to all Linux nodes. Eventually we plan to use Nating.

Jai
  • 141
  • 1
  • 3
  • 14
  • It is impossible to tell you why things 'get stuck' without more information like which equipment is used, the configuration etc. – Sander Steffann Sep 15 '14 at 07:46
  • By getting stuck I meant that gateway becomes unreachable. Simple ping gets reply as "Destination Host Unreachable". – Jai Sep 15 '14 at 09:55
  • This needs more details, how are you assigning IPs, client OS etc – Jim B Sep 17 '14 at 14:17

1 Answers1

4

What you are depicting is possible. In case DHCP is being used on both sides of the router, you need a switch with filtering capabilities in order to make it work. Without filtering you would have no control over which DHCP server serves which DHCP client. Using ebtables in Linux is one way to apply this filtering.

But bridging is not the preferred configuration. The only reason to be bridging IPv6 like shown in your schematics is in order to work around an ISP who hasn't deployed IPv6 the way it is supposed to be done.

You should be routing both IPv4 and IPv6. The major difference is that the router should only be applying NAT to the IPv4 traffic and not the IPv6 traffic.

The ISP is supposed to assign you a /64 link prefix for the outside of your router and a /48 routed prefix for the inside of your router. From that routed prefix you only need to use one /64 in your current configuration. The rest of that /48 is only needed if you were to deploy multiple LANs, a VPN, or some other more advanced use of network addressing.

Should the ISP decide to give you a routed /56 or /60 instead of a full /48, then that is no problem in your particular use case.

kasperd
  • 30,455
  • 17
  • 76
  • 124
  • From your answer I don't get how why internet packets get stuck in this case. Gateway becomes unreachable from Router but still reachable from nodes. Sometimes gateway is even unreachable from Nodes. – Jai Sep 16 '14 at 02:05
  • @Jai How are the IP addresses configured on the nodes? – kasperd Sep 16 '14 at 06:04
  • In this approach at present IPv6 does not exist. On both Router and on Node I configure Static IPv4 Public Address. – Jai Sep 16 '14 at 06:41
  • @Jai Isn't that the configuration which you said was working when you asked the question? – kasperd Sep 16 '14 at 07:54
  • I mentioned 3 approaches in my questions. First two works but third don't. – Jai Sep 16 '14 at 08:17
  • @Jai But the third approach in your question involved NAT, and now you are saying that you are using public IPv4 addresses. – kasperd Sep 16 '14 at 09:06
  • Yes, Eventually we want to use NAT but at present we are testing via Public IPs. At present I am able ping Gateway from Router, I am able to ping Router from Node using local IP, I am able to ping Node from Router using Public IP but Neither I am able to ping gateway from Node nor I am able to ping Router's Public IP from Node. I should be able to ping Gatway from Node as well, if that works I will be able to use IPv6 IPs at node that could directly connect with gateway. My mind seems to be completely messed up now. – Jai Sep 16 '14 at 10:51
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/17202/discussion-between-jai-and-kasperd). – Jai Sep 16 '14 at 10:55