Hi, On Wed, Mar 8, 2017 at 10:23 PM, JORDI PALET MARTINEZ <jordi.pa...@consulintel.es> wrote: > Hi Hans, > > I believe you’re the maintainer of 464XLAT. I want to do demonstrations of > OpenWRT/LEDE in scenarios where you run out of IPv4 addresses for the WAN > links. > > Sorry to write you directly, but I’ve been trying for many hours to find more > info as I’m not succeeding to configure a CLAT to work in a very simple > scenario. I've added LEDE development mailing list in CC as the info could be usefull for other persons who're trying to use 464xlat > > The main problem is that I don’t know what are the parameters needed in the > network file. The 464xlat feature is currently broken on LEDE as the 464xlat netifd logic have been reverted (https://git.lede-project.org/?p=project/netifd.git;a=commit;h=39d9ceeb96162a83a3f5fa63e6aaa1ccb38caa62) as it changed the default behavior of user ip rules in unexpected ways. This can easily be checked by the ip rule list cmd as it should contain a rule to the prelocal table. > > My scenario is quite simple. I’ve a virtual machine with Ubuntu running a > DNS64 with bind9 and NAT64 with Jool. This has been tested and is working. > > In the router where I want to run CLAT, I’ve: > > 1) WAN interface configured only with an IPv6 address (and of course I’ve > checked that I can ping from here to the DNS/NAT64 and Internet with IPv6). > 2) LAN interface with an IPv6 prefix /64, an IPv4 /24 (private), and DHCP and > SLAAC running. I can ping with both IPv4 and IPv6 to the router. > > I tried both with Luci and editing the network file. > > I don’t understand what it means tunlink (is it the WAN with only IPv6 > interface?). Should I configure additional addresses for the CLAT? According > the 464XLAT RFC I need 3 IPv6/prefixes (WAN/LAN/translation). tunlink is indeed the logical interface on which the 464xlat interface depends; in this case it's the IPv6 wan interface > > By the way, for the NAT64, I’m using the standard prefix 64:ff9b::/96. > > Do I need to do any special configuration in the rest of the interfaces or > the firewall to make it work? You need to specify to which firewall zone the 464xlat interface belongs via the zone UCI parameter; usually this is the wan zone > > I hope you have a sample configuration for the network and firewall files > that I can understand what I’m doing wrong or missing. It may be something > really silly but I’m unable to see it. > First you need to verify if you're using a build which still supports 464xlat otherwise even with a correct config it won't work ...
Hans > Thanks a lot! > > By the way, we just submitted a new IETF draft to allow configuring the CLAT > (and other protocols related to NAT64 usage) by DHCPv6 options: > > https://www.ietf.org/id/draft-li-intarea-nat64-prefix-dhcp-option-00.txt > > Regards, > Jordi > > > > > > > > > > > > > > > ********************************************** > IPv4 is over > Are you ready for the new Internet ? > http://www.consulintel.es > The IPv6 Company > > This electronic message contains information which may be privileged or > confidential. The information is intended to be for the use of the > individual(s) named above. If you are not the intended recipient be aware > that any disclosure, copying, distribution or use of the contents of this > information, including attached files, is prohibited. > > > _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev