In IPv6 blog series we have covered transition technologies NAT64 – that allows IPv6 hosts to communicate with resources on IPv4 network and 6rd – that allows IPv6 traffic to be tunneled over IPv4 network. When service providers want to migrate their core network to IPv6, they need to ensure that existing IPv4 users continue to get access to IPv4 internet as before. This is where DS-Lite comes in – it is a tunneling technology that encapsulates IPv4 packets in IPv6 transport to be delivered to final IPv4 destination. DS Lite combines IPv4-in-IPv6 tunneling with NAT – NAT does the IPv4-IPv4 translation before sending packets to public IPv4 network.

DS-Lite enables service providers to natively allocate IPv6 addresses to new customers while continuing to support IPv4 customers. Main functional components involved in DS-Lite are B4 (Basic Bridging BroadBand) and AFTR (Address Family Translation Router) as shown in figure below:

In a DS Lite enabled network, customer premise device provides B4 functionality. Customer device allocates private IPv4 addresses to hosts in the home / customer networks. B4 connects with service provider access network using the IPv6 address allocated by service provider and uses this IPv6 address to establish tunnel with the AFTR device.

AFTR is usually deployed at the edge of service provider IPv6 network and terminates the tunnel created with customer B4 element. AFTR also provides IPv4-IPv4 NAT to translate customer private IPv4 address to public IPv4 address before sending packets out to the public network.

Following sequence describes the connection establishment process using DS Lite:

  1. Host with private IPv4 address initiates a connection to a resource on the public internet
  2. Traffic is sent to B4, which is the default gateway
  3. B4, using its service provider network facing IPv6 addresses establishes the tunnel with AFTR. Address of the AFTR can be pre-configured or can be discovered using DHCPv6
  4. B4 encapsulates the IPv4 packets in IPv6 transport and sends across to AFTR
  5. AFTR terminates the tunnel and de-capsulate the IPv4 packet
  6. AFTR device performs IPv4-IPv4 NAT before sending traffic to the destination IPv4 network

There are many benefits that DS Lite provides:

  1. A lightweight solution to allow IPv4 connectivity over IPv6 network
  2. Avoids the need of multiple levels of NAT as in case of LSN
  3. Allows service providers to move their core and access networks to IPv6 thus enabling them to benefit from IPv6 advantages
  4. Allows coexistence of IPv4 and IPv6
  5. Helps resolve IPv4 address scarcity issue
  6. Allows incremental migration to native IPv6 environment

But as always is the case, benefits don’t come without its own set of challenges:

  1. DS Lite does not provide IPv6 and IPv4 hosts to talk to each other
  2. Increases the size of traffic due to tunnel headers – requires MTU management to avoid fragmentation
  3. Need to manage and maintain bindings between customer addresses and public addresses used for translation in the AFTR device
  4. Brings in additional challenges for DPI in service provider network