MacOS – El Capitan “Create NAT64 Network” – connection issues

I am trying to test apps for IPv6 according to Apple's documentation at Supporting IPv6 DNS64/NAT64 Networks. I have difficulties connecting from the iPad to my app server.

My Network Layout:

The Fritzbox has IPv6 support turned on with 6to4 enabled, because my provider does not have IPv6. I ran a set of tests with IPv6 turned off. The result was the same (see list of test items below).

macmedia runs El Capitan and runs iTunes serving as a media server.

macsrv runs El Capitan and OS X Server 5 with DNS, DHCP, File Sharing, Web, Wiki.

My Test Process:

I can set up the NAT64 network as described in the Apple document (in "Settings" hold option key, press "Sharing", then "Internet Sharing" and release option key).

I ran some tests, one of them looked like this:

• turn on NAT64 on macsrv
• in iPad Air WLAN settings select NAT64 network
• the blue checkmark appears in front of the network name
• the blue i-icon delivers this:
  • IP 169.254.55.58 / mask 255.255.0.0
  • DNS 2001:2:0:aab1::1
  • all other fields empty
• in Safari on iPad Air:
  • https://www.google.com/ -> takes a long time, eventually a message like: "Could not open the page, because the server does not respond any more."
  • http://macsrv:8989/ -> could not find server
  • http://macsrv.local:8989/ -> "It works!" (Just looked at the logs: The access in apache2 was logged with the IPv6 address of the en0 interface of macsrv)
  • http://192.168.1.11:8989/ -> Error like "Could not open page, because the iPad is not connected to the internet." (192.168.1.11 is macsrv)
  • http://[2001:2::aab1:129a:ddff:fe4f:38f8]:80 -> takes a long time, eventually a message like: "Could not open the page, because the server does not respond any more." (like google.com; the address is the IPv6 address of the en0 interface on macsrv)
  • http://192.168.1.115:8088/ -> Error like "Could not open page, because the iPad is not connected to the internet."
  • http://app.intra.admadic.com:8088/ -> could not find server (this is the same as 192.168.1.115)

Once I connected the iPad Air to the macrsv NAT64 network and it received the IP address 192.168.2.2. This happened never again.

When I start the NAT64 network on macmedia, the iPad cannot connect and the activity indicator keeps spinning forever.

NAT64 Details:

I looked for processes running when NAT64 is enabled:

/usr/libexec/InternetSharing
rtadvd -c /etc/com.apple.mis.rtadvd.conf -f -s bridge100
unbound -c /etc/com.apple.mis.unbound.conf -d

There are two config files related to com.apple.mis...:

/etc/com.apple.mis.rtadvd.conf:

bridge100:\
     nolladdr:maxinterval#135:mininterval#45:rltime#1800:addr="2001:2:0:aab1::":prefixlen#64:rdnssaddrs#1:rdnssaddr="2001:2:0:aab1::1"

/etc/com.apple.mis.unbound.conf:

server:
    chroot: ""
    pidfile: "/etc/unbound.pid"
    chroot: ""
    directory: "/etc"
    username: ""
    do-daemonize: no
    access-control: ::0/0 allow
    module-config: "dns64 iterator"
    dns64-synthall: yes
    dns64-prefix: 64:ff9b::/96
    interface: ::0
forward-zone:
    name: "."
    forward-addr: 192.168.1.11

I checked these conf files on macsrv and macmedia and they are identical in every detail.

Questions:

Q1. What could be the reason for NAT64 not working on macmedia?

Q2. Can I convince the NAT64 network to use my intranet DNS?

Q3. What could be the reason for NAT64 on macsrv to be sometimes working and sometimes not?

Q4. Why does the iPad get an 169.254.55.58 IPv4 address? (Shouldn't it only have IPv6 when connecting to NAT64?)

Q5: Do the com.apple.mis… conf files look ok? (having 192.168.1.11 as forward looks fine to me…)