No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


NE40E V800R010C00 Feature Description - NAT and IPv6 Transition 01

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Distributed DS-Lite Deployment Solution

Distributed DS-Lite Deployment Solution

Networking Description

Figure 4-4 shows a distributed Dual-Stack Lite (DS-Lite) scenario. The routed customer premises equipment (CPE) runs Point-to-Point Protocol over Ethernet IPv6 (PPPoEv6) or IPv6 over Ethernet (IPoEv6) to dial up to log in to a broadband remote access server (BRAS) equipped with Carrier Grade NAT (CGN) boards. The BRAS assigns an IPv6 address to the CPE's WAN interface, an IPv6 address prefix to the CPE's LAN interface, a related public IP address, and a related public port range. Each CPE assigns a private IPv4 address to a residential terminal and uses the IPv6 address prefix to assign an IPv6 address to the residential terminal. The CPE uses the IPv6 address of the WAN interface to establish a tunnel to the BRAS.

The CPE directly forwards user IPv6 packets over routes. The CPE encapsulates user IPv4 packets into IPv4 over IPv6 packets before forwarding them, in which the source IP address is set to the CPE's WAN interface address and the destination address is set to the BRAS's IPv6 address.

Upon receipt of the IPv4 over IPv6 packets, the BRAS decapsulates them, replaces the source IPv4 addresses and port numbers with public ones, and forwards them to an IPv4 network. In such a scenario, DS-Lite functions are deployed on DS-Lite service boards equipped on BRASs. Therefore, this scenario is a distributed DS-Lite solution.

Figure 4-4  Distributed DS-Lite solution

Address Translation Solution

The CPE assigns a private IPv4 address to each terminal. The BRAS assigns an IPv6 address, a public IPv4 address, and a public port number range, to the CPE.

DS-Lite Translation

The CPE functions as a Dynamic Host Configuration Protocolv4 (DHCPv4) server to assign an IPv4 address (for example, to each residential user, and the BRAS assigns IPv6 addresses only. Before a residential user accesses IPv4 services, the user sends a packet with a private IPv4 address along an IPv4-in-IPv6 tunnel to a CGN device. The CGN device translates the private IPv4 address to a public IPv4 address. The CGN device forwards the user packet along an IPv4 over IPv6 tunnel to the CPE. Upon receipt of the user packet, the CPE forwards it to the IPv4 network to access IPv4 services.

Solution Advantages

  • Seamless integration of user access and DS-Lite

    DS-Lite pre-allocates ports to various access users, such as Point-to-Point Protocol over Ethernet (PPPoE) users, IPoE users, and Layer 2 Tunneling Protocol (L2TP) users. Information about DS-Lite resource allocation and entry translation of users can be queried based on access information, such as domains and user IDs. User accounting packets carrying DS-Lite port ranges are sent to a Remote Authentication Dial In User Service (RADIUS) server, and the RADIUS server performs source tracing for users.

  • Log management based on orderly port pre-allocation

    The conventional Network Address Translation (NAT) process is performed on demand. Each user flow is assigned a port. An individual user is prone to consuming a lot of resources on peripheral devices, especially when DS-Lite log information is sent for each flow in source tracing. To reduce resource consumption, port pre-allocation is used so that DS-Lite assigns a port range to a logged-in user and releases the port range after the user is logged out, achieving even resource allocation for users. In source tracing, only a single DS-Lite log message needs to be sent when a user goes online or offline. In addition, users' DS-Lite addresses and port ranges can be sent to the RADIUS server and used to perform real-time source tracing.

  • Flexible and controllable service rollback

    A user who needs a public IP address can be rolled back to a public domain based on the domain name delivered by a RADIUS server. In the public domain, the user can be assigned a public IP address before accessing a public network, so that various user access requirements can be satisfied.

  • High reliability

    DS-Lite service boards within a chassis perform inter-board hot backup, and DS-Lite devices perform inter-chassis hot backup.

Updated: 2018-07-04

Document ID: EDOC1100027155

Views: 19642

Downloads: 67

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next