Benno, all,
The gateway is running unbound with dns64 module enabled. The gateway does use
the resolver for it's own resolving of names. I found a better solution by
running two instances of unbound on the gateway. One instance for the client
networks with dns64 module enabled, and one instance
Dan L??dtke(m...@danrl.com) on 2016.06.07 19:14:24 +0200:
> Follow-up:
>
> This rule matches outgoing packets to nat64 well-known prefix 64:ff9b::/96:
> pass out quick on $if_wan inet6 from $if_wan:network to 64:ff9b::/96 af-to
> inet from ($if_wan)
af-to does not work on pass out rules.
Why do
Follow-up:
This rule matches outgoing packets to nat64 well-known prefix 64:ff9b::/96:
pass out quick on $if_wan inet6 from $if_wan:network to 64:ff9b::/96 af-to
inet from ($if_wan)
Echo requests do leave $if_wan with translated address family, replies show up
in tcpdump on $if_wan:
Hi,
my setup: [host]--[router]--[internet]
[Host] can ping legacy internet hosts via NAT64. Works fine. Corresponding
line in pf.conf reads:
pass in quick on $if_lan inet6 from $if_lan:network to 64:ff9b::/96 af-to
inet from ($if_wan)
However, [router] can not ping legacy internet hosts via
4 matches
Mail list logo
