Mapping of Address and Port Using Encapsulation

The MAP-E feature provides rules to define the mapping between an IPv6 prefix and an IPv4 address or between a shared IPv4 address and an IPv6 prefix/address. The MAP-E feature is supported by the Stateless NAT64 feature and does not change the system flow of the NAT64 client.

Feature Information for Mapping of Address and Port Using Encapsulation

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Feature Name

Releases

Feature Information

Restrictions for Mapping of Address and Port Using Encapsulation

  • The MAP-E feature supports only a single basic mapping rule (BMR) per IPv6 prefix. This requires you to configure different mapping rules for every address and port translation.

  • Default mapping rule (DMR) with 128 prefix must be configured before starting the MAP-E BMR configuration.

  • This feature does not support BMR prefix length of 64, fragmentation, and local packet generation.

Information About Mapping of Address Port Using Encapsulation

Mapping of Address and Port Using Encapsulation

MAP-E refers to Mapping of Address and Port Encapsulation (MAP-E). The MAP-E feature enables you to configure mapping rules for translation between IPv4 and IPv6 addresses. Each mapping of address and port using MAP-E domain uses a different mapping rule. A MAP-E configuration comprises of one basic mapping rule (BMR), one default mapping rule (DMR), and one or more forwarding mapping rules (FMRs) for each MAP-E domain.

A BMR configures the MAP IPv6 address or prefix. You can configure only one BMR per IPv6 prefix. The MAP-E CE uses the BMR to configure itself with an IPv4 address, an IPv4 prefix, or a shared IPv4 address from an IPv6 prefix. A BMR can also be used for forwarding packets in such scenarios where an IPv4 source address and source port are mapped into an IPv6 address/prefix. Every MAP-E node (CE device is a MAP-E node) must be provisioned with a BMR. The BMR prefix along with the port parameter is used as tunnel source address. You can use the port-parameters command to configure port parameters for the MAP-E BMR.

A DMR prefix which matches with the interface address is recognized as hosts and a DMR prefix with a prefix length of 128 is recognized as the tunnel source address. A border relay IPv6 address is used as the tunnel destination address.

When you boot up a Customer Edge (CE) device for the first time, the CE sends an HTTP request to the rule server to acquire the MAP-E rules. After the CE receives the MAP-E rules, it saves a copy of the rules in a persistent storage, such as bootflash. When you reboot the router subsequently, the CE then detects the copy of MAP-E rules in the bootflash, so it does not send the HTTP request immediately. For a fixed IP in IP, the CE sends the request to the rule server only after the Dynamic Domain Name System (DDNS) reply is successfully received from the address resolution server.


Note

In a fixed IP in IP, the IP in IP tunnel interface is used instead of a NAT64 configuration. Use the nat64 provisioning mode command to enable the tunnel interface.

Map Rule Request

Sl. No

Specifications

Remarks

1

HTTP

Versions: 1.0, 1.1, 2.0

2

HTTP

Method is GET

3

Communicate to IPv6 obtained by name resolution

IPv6 on the rule distribution server side is variable, so do not cache AAAA records.

4

Embed ipv6Prefix and ipv6PrefixLength in a query parameter.

ipv6Prefix=2400:4050:XXX:&ipv6PrefixLength=YY

5

Embed API key in a query parameter.

Ex) code=Abag9k2RFgerkljgsirSDEFgwada

Map Rule Server Transmission of Data

Specifications

Information

Map Rule Specifications

- Rule IPv6 prefix

- Rule IPv6 prefix Length

- Rule IPv4 prefix

- Rule IPv4 prefix Length

- EA

- bits length

- PSID offset

- BR IPv6 Address

Essential information to generate Basic Mapping Rule (BMR) according to draft-ietf-softwire-map-03.

256

The maximum number of MAP rules that can be included in the transmitted data.

content-length

XXX (body size)

content-type

application/json; charset=utf-8

Map Rule Server URL Specification

Specifications

Remarks

URI

https://rule.map.ocn.ad.jp/?ipv6Prefix=<address

>&ipv6PrefixLength=<prefixLength>&code=<

API Key>

Embed <IPv6 address> and <prefix length> allocated to CE

• Example of URI:

https://rule.map.ocn.ad.jp/?ipv6Prefix=2400:4050:

XXX:&ipv6PrefixLength=YY&code=Abag9k2RFgerkl

jgsirSDEFgwada

The query parameter specification is as shown in the table below:

Map Rule Server Transmission of Data

Specifications

Information

Map Rule Specifications:

- Rule IPv6 prefix

- Rule IPv6 prefix length

- Rule IPv4 prefix

- Rule IPv4 prefix length

- EA

- bits length

- PSID offset

- BR IPv6 Address

Information to generate Basic Mapping Rule (BMR).

256

The maximum number of MAP rules that can be included in the transmitted data

Content-length

XXX (body size)

Content-type

application/json; charset=utf-8

Map Rule Server Response Parameters

Name

Description

Type

Byte

Remarks

brIpv6 Address

BRIPv6 address

string

39 (max)

Compliant with RFC 5952

eaBitLength

EAbit Length

string

2 (max)

Example: 25

ipv4Prefix

User IPv4 Prefix

string

15 (max)

Example: 10.0.0.0

ipv4PrefixLength

User IPv4 Prefix Length

string

2 (max)

Example: 16

ipv6Prefix

RFC 5952

User IPv6 Prefix

String

39 (max)

Compliant with RFC 5952

pv6PrefixLength

User IPv6 Prefix Length

string

2 (max)

Example: 35

psIdOffset

PSID Offest

string

2 (max)

Example: 6

How to Configure Mapping of Address Port Using Encapsulation

Enable Tunnel Interface

Perform this task to enable tunnel interface. This task shows the ipv6 nat prefix v4-mapped command configured on a specified interface, but the command could alternatively be configured globally:

Procedure


Step 1

enable

Example:


Router> enable 

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Router# configure terminal 

Enters global configuration mode.

Step 3

interface tunneltunnel-number

Example:


Router(config)# interface tunnel0

Specifies the interface tunnel number.

Step 4

nat64-mape

Example:

Device(config)# nat64-mape

Specifies the MAP-E mapping rule and enters the basic mapping rule configuration mode.

Step 5

ipv4 ipv4-prefix

Example:

Device(config-nat64-mape)# 10.1.1.0

Specifies the ipv4 address from rule server.

Step 6

ip nat outside

Example:

Device(config-nat64-mape)# ip nat outside

Specifies the ipv4 nat address.

Step 7

ip virtual re-assembly in

Example:

Device(config-nat64-mape)# ip virtual re-assembly in

Configures the virtual re-assembly.

Step 8

ip tcp adjust-mss adjust-mss-number

Example:

Device(config-nat64-mape)# ip tcp adjust-mss 1300

Specifies the TCP number.

Step 9

tunnel source source-address

Example:

Device(config-nat64-mape)# tunnel source 2001:22::0/128

Specifies the ipv6 tunnel source address.

Step 10

tunnel mode ipv6-prefix

Example:

Device(config-nat64-mape)# tunnel mode ipv6

Configures the ipv6 tunnel mode.

Step 11

port-parameters share-ratio number port-offset-bits number | start-port port-number | no-eabits number

Example:

Device(config-nat64-mape-bmr)# port-parameters share-ratio 2 port-offset-bits 5 start-port 1024

Specifies the values for port-parameters share-ratio, contiguous ports and start-port for MAP-E Basic Mapping Rule (BMR).

  • If the share ratio is greater than 1, the configuration throws an error if the startport value is incorrect. The calculation is based on the share-ratio and port-offset bits. The configuration throws error and displays the value to be configured.

  • If the share ratio is 1, there are no port-offset bits as the values is automatically set to 6 and the start port is set to 1024.

Step 12

exit

Example:

Device(config-nat64-mape-bmr)# exit

Exits basic mapping rule configuration mode and returns to MAP-E configuration mode.

Step 13

default-mapping-rule ipv6 prefix/length

Example:

Device(config-nat64-MAP-E-dmr)# default-mapping-rule 2001:22::0/128

Specifies the values of IPv6 prefix and length for MAP-E Default Mapping Rule (DMR).

Step 14

mode map-e

Example:

Device(config-nat64-MAP-E)# mode map-e

Specifies the value for MAP-E mode.

Step 15

end

Example:

Device(config-route-map)# end

Exits MAP-E configuration mode and returns to privileged EXEC mode.


Automatic Configuration of Address and Port Using Encapsulation

Procedure


Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

nat64 provisioning mode mode id

Example:

Device(config)# nat64 provisioning mode jp01

Specifies the nat64 MAP-E domain and enters the MAP-E configuration mode.

Step 4

version draft-ietf-softwire-map-03

Example:

Device(config-nat-provisioning)# version draft-ietf-softwire-map-03

Specifies the MAP version.

Step 5

rule-server url

Example:

Device(config-nat64-provisioning)# rule server rule-server 7
121111030251434B2B39342C36262349041F100259080A00745C53484E037C750B08050E58085E57020D555C0B054B0E4B1D34404B471316181C

Specifies the NAT64 rule server address.

Step 6

api-key key-id

Example:

Device(config-nat64-provisioning)# api-key api-key 7
85E57020D555C0B054B0E4B1D34404B471316181C

Specifies the NAT64 api key ID.

Step 7

address-resolution-server url

Example:

Device(config-nat64-provisioning)# address-resolution-server 7
00259080A00745C53484E037C750B08050E58085E57020D555C0B054B0E4B1D34404B471316181C

Specifies URL of the address resolution server.

Step 8

exit

Example:

Device(config-nat64-provisioning)# exit

Exits the NAT64 provisioning and returns to MAP-E configuration mode.

Step 9

end

Example:

Device(config)# end

Exits MAP-E configuration mode and returns to privileged EXEC mode.


Verifying Manual Mapping of Address and Port Using Encapsulation Configuration

Procedure


Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

show nat64 MAP-E [domain number ]

Example:

Device# show nat64 MAP-E domain 1
  MAP-E Domain 1
   Mode MAP-E
   Default-mapping-rule
      Ip-v6-prefix 2001:22::/128
   Basic-mapping-rule
      Ip-v6-prefix 2001:100::/64
      Ip-v4-prefix 10.1.1.0/24
      Port-parameters
         Share-ratio 2   Contiguous-ports 1024   Start-port 1024
         Share-ratio-bits 1   Contiguous-ports-bits 10   Port-offset-bits 5

Displays MAP-E configuration.


Automatic Configuration of Address and Port Using Encapsulation

Procedure


Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

nat64 provisioning mode mode id

Example:

Device(config)# nat64 provisioning mode jp01

Specifies the nat64 MAP-E domain and enters the MAP-E configuration mode.

Step 4

version draft-ietf-softwire-map-03

Example:

Device(config-nat-provisioning)# version draft-ietf-softwire-map-03

Specifies the MAP version.

Step 5

rule-server url

Example:

Device(config-nat64-provisioning)# rule server rule-server 7
121111030251434B2B39342C36262349041F100259080A00745C53484E037C750B08050E58085E57020D555C0B054B0E4B1D34404B471316181C

Specifies the NAT64 rule server address.

Step 6

api-key key-id

Example:

Device(config-nat64-provisioning)# api-key api-key 7
85E57020D555C0B054B0E4B1D34404B471316181C

Specifies the NAT64 api key ID.

Step 7

address-resolution-server url

Example:

Device(config-nat64-provisioning)# address-resolution-server 7
00259080A00745C53484E037C750B08050E58085E57020D555C0B054B0E4B1D34404B471316181C

Specifies URL of the address resolution server.

Step 8

exit

Example:

Device(config-nat64-provisioning)# exit

Exits the NAT64 provisioning and returns to MAP-E configuration mode.

Step 9

end

Example:

Device(config)# end

Exits MAP-E configuration mode and returns to privileged EXEC mode.


Configuration Examples for Mapping of Address and Port Using Encapsulation

Example: Manual Mapping of Address and Port Using Encapsulation Configuration

The following example shows how to configure MAP-E:

enable
 configure terminal
 nat64 map-e domain 1
  basic-mapping-rule
   ipv6-prefix 4001:DB8::/40
   ipv4-prefix 50.50.50.0/24
   port-parameters share-ratio 1 start-port 1
  default-mapping-rule 3001:1::C0A8:105/128
   end

The following example shows shared IPv4 configurations:

enable
 configure terminal
  nat64 route 0.0.0.0/0 GigabitEthernet0/0/0 
  nat64 provisioning mode jp01
  version draft-ietf-softwire-map-03
  rule-server 7 030C4F1F16556E034F0B1A5F0713181F4E0A797C78676F06315F4C215106080209055F4C1517495D1A41475951465A131357190E00090A
  api-key 7 050A070D23
 service-prefix 2400:4050::/30

   end
enable
 configure terminal
 nat64 map-e domain 1
  basic-mapping-rule
   ipv6-prefix 4001:DB8::/40
   ipv4-prefix 50.50.50.0/24
   port-parameters share-ratio 1 start-port 1
  default-mapping-rule 3001:1::C0A8:105/128
   end

Additional References for Mapping of Address and Port Using Encapsulation

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco IOS Master Command List, All Releases

NAT commands

Cisco IOS IP Addressing Services Command Reference

Standards and RFCs

Standard/RFC

Title

MAP

Mapping of Address and Port (MAP)

MAP Encapsulation

MAP Encapsulation (MAP-E) - specification

RFC 6052

IPv6 Addressing of IPv4/IPv6 Translators

RFC 6144

Framework for IPv4/IPv6 Translation

RFC 6145

IP/ICMP Translation Algorithm

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html