Implementing NAT64/DNS64 on OpenWrt with tayga/totd
Published: 2021-05-07 15:56:23 Views: 27 Category: Technical articles


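Some smart-home solutions, such as Thread, currently use IPv6 for networking, but IPv6 deployment by ISPs is not yet complete, so many solutions have IPv6 end devices communicate with IPv4 servers. This requires a border router with NAT64/DNS64 functionality in the network topology.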

The NAT64/DNS64 topology is shown in the figure below:

[Figure: NAT64/DNS64 topology]

Below is an example of how I set up NAT64/DNS64 on OpenWrt.

1. Configure tayga for NAT64

(1) Install tayga

opkg update
opkg install tayga

(2) Configure the /etc/config/network file

config globals 'globals'
	option ula_prefix 'ddbe:48ec:56c6::/48'

config interface 'nat64'
	option proto 'tayga'
	option ifname 'tayga-nat64'
	option ipv4_addr '192.168.64.1'
	option prefix 'ddbe:48ec:56c6:1111::/96'	# Note: the first 64 bits of this prefix must not be the same as br-lan's
	option dynamic_pool '192.168.64.0/24'
	option accept_ra '0'
	option send_rs '0'

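OpenWrt uses ula_prefix as the local IPv6 prefix, usually a 48-bit prefix, and br-lan usually has a 64-bit prefix. The first 64 bits of the tayga-nat64 prefix must not be the same as br-lan's, otherwise NAT64 will not be able to find its route: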

root@GL-X750:/# route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
ddbe:48ec:56c6:10::/64                      ::                                      U     1024   0        0 br-lan
ddbe:48ec:56c6:1111::/96                    ::                                      U     1024   0        0 tayga-nat64
ddbe:48ec:56c6::/48                         ::                                      !n    2147483647 0        0 lo

(3) Configure /etc/config/firewall

config zone
	option name 'lan'
	list network 'lan'
	list network 'nat64' # add nat64
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

(4) Restart network and firewall

/etc/init.d/network restart
/etc/init.d/firewall restart

(5) Test tayga

root@GL-X750:/# ping6 ddbe:48ec:56c6:1111::8.8.8.8
PING ddbe:48ec:56c6:1111::8.8.8.8 (ddbe:48ec:56c6:1111::808:808): 56 data bytes
64 bytes from ddbe:48ec:56c6:1111::808:808: seq=0 ttl=46 time=60.722 ms
64 bytes from ddbe:48ec:56c6:1111::808:808: seq=2 ttl=45 time=69.222 ms
64 bytes from ddbe:48ec:56c6:1111::808:808: seq=3 ttl=45 time=46.831 ms
64 bytes from ddbe:48ec:56c6:1111::808:808: seq=4 ttl=46 time=44.560 ms
64 bytes from ddbe:48ec:56c6:1111::808:808: seq=5 ttl=45 time=50.169 ms
^C
--- ddbe:48ec:56c6:1111::8.8.8.8 ping statistics ---
6 packets transmitted, 5 packets received, 16% packet loss
round-trip min/avg/max = 44.560/54.300/69.222 ms

A successful ping6 to 8.8.8.8 shows that NAT64 is working.
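The address mapping visible in the ping output above, together with the prefix rule from step (2), as an added Python example (not code from the original post). It uses only the standard ipaddress module; the function names are illustrative, and the prefixes are the ones from this article's configuration.

```python
import ipaddress

# Prefixes taken from this article's /etc/config/network and route output.
NAT64_PREFIX = "ddbe:48ec:56c6:1111::/96"
LAN_PREFIX = "ddbe:48ec:56c6:10::/64"


def synthesize(prefix96, ipv4):
    """Embed an IPv4 address in the low 32 bits of a /96 NAT64 prefix."""
    net = ipaddress.IPv6Network(prefix96)
    if net.prefixlen != 96:
        raise ValueError("only /96 prefixes are handled here")
    v4 = int(ipaddress.IPv4Address(ipv4))
    return ipaddress.IPv6Address(int(net.network_address) | v4)


def extract(prefix96, ipv6):
    """Recover the IPv4 destination from a translated address, e.g. from a log."""
    net = ipaddress.IPv6Network(prefix96)
    addr = ipaddress.IPv6Address(ipv6)
    if addr not in net:
        raise ValueError("%s is not inside %s" % (addr, net))
    return ipaddress.IPv4Address(int(addr) & 0xFFFFFFFF)


def check_prefix(nat64, lan):
    """Return a list of problems with the chosen NAT64 prefix (empty means OK)."""
    n = ipaddress.IPv6Network(nat64)
    l = ipaddress.IPv6Network(lan)
    problems = []
    if n.prefixlen != 96:
        problems.append("NAT64 prefix is /%d, expected /96" % n.prefixlen)
    if n.overlaps(l):
        # Same first 64 bits as br-lan: the case the article warns about.
        problems.append("NAT64 prefix %s overlaps LAN prefix %s" % (n, l))
    return problems


if __name__ == "__main__":
    print(synthesize(NAT64_PREFIX, "8.8.8.8"))
    print(extract(NAT64_PREFIX, "ddbe:48ec:56c6:1111::808:808"))
    print(check_prefix(NAT64_PREFIX, LAN_PREFIX))
    # Constructed bad case: a /96 carved out of br-lan's own /64.
    print(check_prefix("ddbe:48ec:56c6:10::/96", LAN_PREFIX))
```

extract() is the direction that helps when reading firewall or connection logs on the router: it turns a translated IPv6 destination back into the IPv4 host that was actually contacted.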

2. Configure totd for DNS64

(1) Install totd

opkg update
opkg install totd

OpenWrt 18.06 has removed totd. If the package is not in the feed, you can clone https://github.com/dengxinfa/openwrt-totd.git and build it yourself.

(2) Edit the configuration file /etc/totd.conf

; Totd sample configuration file
; you can have multiple forwarders, totd will always prefer
; forwarders listed early and only use forwarders listed later
; if the first ones are unresponsive.
forwarder 8.8.8.8 port 53 # DNS server
; you can have multiple prefixes or even no prefixes at all
; totd uses them in round-robin fashion
prefix ddbe:48ec:56c6:1111:: # IPv6 prefix; set it to the same value as in the NAT64 configuration
; the port totd listens on for incoming requests
port 5353	# local port that totd listens on
; the pidfile to use (default: /var/run/totd.pid)
pidfile /var/run/totd.pid
; interfaces totd listens on (UDP only for now and not on Linux)
; If left out totd will only open wildcard sockets.
; interfaces lo br0
; 6to4 reverse lookup
; stf

(3) Enable totd

/etc/init.d/totd enable
/etc/init.d/totd restart

(4) Configure /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	list server '127.0.0.1#5353' # set the upstream DNS server to totd's listening port
	option noresolv '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option force '1'
	option dhcpv6 'server'
	option ra 'server'
	option ra_default '1'
	option ra_management '1'

Restart DHCP

/etc/init.d/odhcpd restart
/etc/init.d/dnsmasq restart

(5) Test

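Connect a Windows 7 PC to a LAN port of the OpenWrt router and configure Windows 7 with only IPv6 enabled.
The IPv6 connection is shown as "Internet", which shows that IPv6 works on the OpenWrt router.
In CMD, use the ping -6 command to ping baidu.com.
ping -6 to baidu.com succeeds, that is, the IPv4 host baidu.com is reached over IPv6, which shows that NAT64/DNS64 is working.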
