Research And Design Of Virtual Firewall To Achieve IPv6-to-IPv4

With the rapid development of network information age,more and more IP address pool is occupied by the server system developed continuously.Finally,on November 26,2019,all4.3 billion IPv4 addresses in the world are exhausted,which also indicates that the use of IP address in the information age must be converted from IPv4 address to IPv6 address,but the transition from IPv4 address to IPv6 address is a very long process Period.At present,most server systems on the network still use IPv4 address for data transmission and interaction,so at this stage when all service systems have not successfully transited to IPv6 address server,it is a very hot topic that new IPv6 clients want to safely access the business server of IPv4 address on the network.Researchers also call it ipv6-to-ipv4.At present,the way for IPv6 clients to access IPv4 service server is to translate IPv6 and IPv4 addresses with the help of nat64 routing device.If it is DNS message,it also needs the help of DNS server.But this operation will be very dangerous,because in the whole process,the address information has been exposed,it is easy to suffer from a variety of network attacks,such as DDo S attacks,SQL injection,etc.,to a certain extent,it will lead to the paralysis of the server and client or the data at both ends is stolen,so in the implementation of ipv6-to-ipv4,we must consider the problem of network security.Firewall is the most important choice in network security,because the firewall itself has a powerful protection system,can resist all kinds of network illegal attacks,and the performance of the firewall itself also supports the development of various functions.Therefore,based on the firewall system,this paper puts forward the structure system of realizing ipv6-to-ipv4 with the popular virtual firewall technology,that is,the conversion technology of IPv6 address and IPv4 address through the virtual firewall,which can not only protect the security of information transmission to a great extent,but also successfully realize the ipv6-to-ipv4 Technology.The main work of this paper is as follows:(1)Analyzed the current research in the field of IPv6 access IPv4 technology and firewall virtualization technology,proposed through the virtual firewall IPv6 client access IPv4 service server scheme.At the same time,the key technologies needed to implement IPv6-to-IPv4 and the key technologies and system structures in the virtualization firewall are introduced.(2)The demand analysis and structure design of the virtual firewall system are mainly to combine the current virtual firewall technology with IPv6-to-IPv4 technology.After analyzing the entire working process of virtual firewall,this paper puts forward the realization of IPv6-to-IPv4 by virtual firewall into three processes: receiving process before session,processing process in session and forwarding process after session,and then analyzes and designs the three processes in turn.(3)The IPv6-to-IPv4 system under the virtual firewall scenario is implemented in the actual network,which mainly includes the deployment of the virtual firewall environment,DNS64 server construction and NAT64 routing configuration.Among them,the virtual firewall deployment includes the establishment of IPv6 client and IPv4 service server,and DNS64 and NAT64 technologies also need to be implemented in the virtual firewall environment.(4)System testing and data analysis.After the design system is successfully implemented in the actual network environment,the testing is mainly divided into functional testing and performance testing.Functional testing is mainly tested through various test cases.The performance test is mainly through sending IPv6 packets from IPv6 client to IPv4 service server to check the successful parsing rate and successful forwarding rate of IPv6 packets by the virtual firewall.The virtual firewall proposed in this paper to realize IPv6-to-IPv4 system can be carried out in small-scale practical application after continuous testing,and has achieved good results,not only to meet the security transmission of enterprises,but also successfully realized from the IPv6 client to access IPv4 service server.