NAT64、DNS64の計測の論文
- Performance of NAT64 versus NAT44 in the Context of IPv6 Migration
- Measuring IPv4 – IPv6 translation techniques
- Study of Packet Level UDP Performance of NAT44, NAT64 and IPv6 Using Iperf in the Context of IPv6 Migration
- Application compatibility of the NAT64 IPv6 transition technology
- Performance Evaluation of IPv4/IPv6 Transition Mechanisms
- Benchmarking methodology for DNS64 servers
- RFC8219: Benchmarking Methodology for IPv6 Transition Technologies
- Benchmarking DNS64 implementations: Theory and practice
- Methodology for the identification of potential security issues of different IPv6 transition technologies: Threat analysis of DNS64 and stateful NAT64
- ちょっと関係ないけどDNSSECとDNS64についてJenさん
Performance of NAT64 versus NAT44 in the Context of IPv6 Migration
2012
Kenneth Joachim O. Llanto and William Emmanuel S. Yu
https://www.iaeng.org/publication/IMECS2012/IMECS2012_pp638-645.pdf
Tayga -- out-of-kernel stateless NAT64 implementation for Linux that uses the TUNnnel (TUN) driver. を使用して実験NAT64している。
stateless NAT64か。
RTTとCPU utilization,Throughputでを実際のネットワークと、実験ネットワークで比較。NAT64の方が良い結果と言えるほどの差ではないが、NAT44より悪くはなっていない(良い結果をだせてる)。
Measuring IPv4 – IPv6 translation techniques
2012
NAT-PT is a stateless IPv4 to IPv6 translator that maps IPv4 addresses to IPv6 addresses, while NAT64 is a stateful IPv6 to IPv4 translator that maps IPv6 addresses to IPv4 addresses. During the experiment, NAT64 was found to be more efficient than NAT-PT in managing a large amount of session state with many simultaneous connections. The median RTT of NAT-PT was greater than that of NAT64
Study of Packet Level UDP Performance of NAT44, NAT64 and IPv6 Using Iperf in the Context of IPv6 Migration
October 2014
Vitruvius John D. Barayuga; William Emmanuel S. Yu
https://ieeexplore.ieee.org/abstract/document/7021814
Application compatibility of the NAT64 IPv6 transition technology
2015
Sándor Répás; Tamás Hajas; Gábor Lencse
The very common P2P and VoIP applications were not working at all with NAT64
Performance Evaluation of IPv4/IPv6 Transition Mechanisms
2016
Adira Quintero, Francisco Sans, and Eric Gamess
ISATAP, 6to4, and NAT64(TAYGA and Jool)
今までNAT64ソフトウェアはJoolしか知らなかったが、TAYGAはパフォーマンスに問題があるしメンテされていないようなのでOSSのNAT64はJoolしかないのかな。
Jool is a stateful NAT64 implementation that works in the kernel space, while TAYGA is a stateless NAT64 implementation (used together with iptables to provide stateful NAT64) that works in the user space.
ISATAP stands for Intra-Site Automatic Tunnel Addressing Protocol. It is a mechanism that allows IPv6 packets to be transmitted over an IPv4 network by encapsulating the IPv6 packets within IPv4 packets.
6to4 is a system that allows IPv6 packets to be transmitted over an IPv4 network without configuring explicit tunnels. A 6to4 site can have up to 2^80 IPv6 addresses of the type 2002:<IPv4Address>:/48
RTT計測の結果
Native IPv4 has a better performance than native IPv6 in controlled testbeds. This is due to the length of the IP headers (20 bytes for IPv4, and 40 bytes for IPv6). Also, our experiments showed that generally, ISATAP and 6to4 have similar network performancesNAT64 where one IPv6 and one IPv4 packet serializations are needed.
MAT64に関しては、Jool の方が性能が良く、TAYGAはパフォーマンスに問題がある。
Benchmarking methodology for DNS64 servers
1 September 2017
Gábor Lencse, Marius Georgescu, Youki Kadobayashi
https://www.sciencedirect.com/science/article/pii/S0140366416305904
以下の図で実験
dns64perf++ という評価プログラムを作成してそれを用いて、BINDなどのDNS64ソフトウェアを評価。
RFC8219: Benchmarking Methodology for IPv6 Transition Technologies
August 2017
M Georgescu, L Pislaru, G Lencse
https://datatracker.ietf.org/doc/html/rfc8219
Before a Tester can be used for testing a DUT at rate r queries per second with t seconds timeout, it MUST perform a self-test in order to exclude the possibility that the poor performance of the Tester itself influences the results. To pass the self-test, the Tester SHOULD be able to answer AAAA record queries at rate of 2*(r+delta) within a 0.25*t timeout, where the value of delta is at least 0.1.
Benchmarking DNS64 implementations: Theory and practice
2018
G Lencse, Y Kadobayashi
Unbound has the highest single-core performance, PowerDNS scales up the best with the number of CPU cores, and BIND has the lowest DNS64 performance.
RFC8219に書かれているようにTesterの性能をまず測定して、実験に適った性能化確認している。
コマンドラインツールであるdns64perf ++ を使用して測定。
4つのDNSソフトウェアに対して実験。
- •
BIND 9.10.3-P4-Debian
- •
PowerDNS Recursor 4.0.4
- •
Unbound 1.6.0
- •
mtd64-ng 1.1.0 (for the calibration of the test system only)
CPU core数による結果の変化に着目
Unbound shows the highest single core performance, PowerDNS scales up the best.
BINDあまり良くない。
Methodology for the identification of potential security issues of different IPv6 transition technologies: Threat analysis of DNS64 and stateful NAT64
セキュリティの観点からDNS64/NAT64について
ちょっと関係ないけどDNSSECとDNS64についてJenさん
https://blog.apnic.net/2016/06/09/lets-talk-ipv6-dns64-dnssec/