Do you know how to install Google Public DNS64? If the answer is no, please follow the article below to know how to do it in detail! Before configuring your system to use Google Public DNS64, consider the following restrictions that may affect your use of the service: Google Public DNS64 is only used on networks that have access to NAT64 ports using the NAT64 64 prefix: ff9b :: / 96. Do not use on networks that do not pass NAT64 ports. Google Public DNS64 does not provide access to private domains but cannot resolve from the public Internet, although it can return AAAA records for private IPv4 addresses (RFC 1918). Google Public DNS64 is not required for dual-stack servers or networks (technology that allows IPv4 and IPv6 to work in a network device).

Google Public DNS64

Configuring Google Public DNS64

If your system has no problems with the above Google Public DNS64 restrictions, you can perform the installation according to the instructions below, replacing the standard addresses with the following addresses:

  • 2001: 4860: 4860 :: 6464
  • 2001: 4860: 4860 :: 64

Not configuring any other IPv6 addresses by doing so will make DNS64 unreliable. If you also configure IPv4 Google Public DNS addresses ( or, dual-stack servers may not receive aggregated AAAA records.

Some devices will use separate fields for all 8 parts of the IPv6 address and do not accept the abbreviated syntax  :: IPv6 . For such schools, enter:

  • 2001: 4860: 4860: 0: 0: 0: 0: 6464
  • 2001: 4860: 4860: 0: 0: 0: 0: 64

Expand entry 0 to 0000 and entry 64 to 0064 if 4 hex digits are required.


Check DNS64 settings

You can perform the following check steps to verify that the DNS64 configuration is working.

Some NAT64 implementations are known to not work with Google Public DNS64:

MacOS X 10.11 and later versions combine with NAT64 / DNS64 but cannot overcome IPv6, preventing access to Google Public DNS64 resolution tools. It is only used to check IPv6-only devices when you only have IPv4 connections with the Internet and only works with DNS64 devices.

Cisco ASA 9.0 and later versions incorporate NAT64 but do not support the 64: ff9b :: / 96 prefix and require you to choose your own prefix. It does not perform DNS64 but checks and rewrites the NAT of DNS traffic passing through NAT64 ports.

IPv6-only devices behind the Cisco ASA can receive IPv4 connections with Google Public DNS by configuring the following addresses:

  • NAT64-prefix::0808:0808 ( through Cisco ASA NAT64 )

  • NAT64-prefix::0808:0404 ( through Cisco ASA NAT64 )

This will lead queries to Google Public DNS through Cisco ASA NAT64. With some additional Cisco ASA configurations, queries will be converted into query A and responses A are translated back to AAAA with the prefix configured.

Using both NAT64 addresses and Google Public DNS IPv6 (2001: 4860: 4860 :: 8888 or 2001: 4860: 4860 :: 8844) does not work, because negative feedback from either address will not be accessed problem. You must choose an IPv6 or IPv4 DNS resolution for all queries.

See more: