DUAL-STACK LITE (DS-LITE)
Benu Networks is working with service operators to offer Large Scale NAT and Dual-Stack Lite (DS-Lite) solutions on the xMEG platform. As an AFTR vendor, our solution provides high scale tunnel termination with high throughput and CGNAT (Carrier-Grade NAT).
DS-Lite uses IPv6-only links between the provider and the customer to carry IPv4 privately addressed packets. The DS-Lite home gateway (CPE) is provisioned with only an IPv6 address on its WAN interface. At the LAN-side interface, the CPE operates its own DHCP server, handing out RFC1918 private IPv4 addresses to home devices. The CPE does not perform network address translation (NAT); the NAT function is located on a carrier-grade NAT device in the provider’s network, which is also a tunnel terminator for the IPv4-in-IPv6 tunnel. This device is called “address family translation router” or AFTR.
The IPv4 packet from the home device to an external destination is encapsulated in an IPv6 packet by the CPE and transported into the provider network. The packet is de-capsulated at the AFTR and NAT44 is performed to map the CPE’s private IPv4 address to a public IPv4 address. The IPv6 tunnel source address is added to the NAT table, along with an IPv4 source address and port, to both disambiguate the customer private address and provide the reference for the tunnel endpoint. If a home device needs to access an IPv6 service, it is transported “as-is” and routed to an Internet server. With DS-Lite technology, the communications between end-nodes stay within their address family without requiring protocol family translation.