Oh, I forgot: Here's how to enclose Jool in a network namespace: https://jool.mx/en/usr-flags-instance.html https://jool.mx/en/node-based-translation.html
Both documentation pieces intend to do something slightly different from what you're doing, but should be easy to adapt. On Mon, May 21, 2018 at 11:29 AM, Alberto Leiva <[email protected]> wrote: >> IPv4 packets created by Jool do not seem to pass the >> nat postrouting chain in netfilter > > Hmm? This is odd. The kernel code says otherwise. Might be a bug; I'll > test it now. > > Anyway, this is how it's supposed to work: > https://jool.mx/en/intro-jool.html#design > > Check both diagrams. Assuming that Jool packets are really skipping > the postrouting chain, you could enclose it in a network namespace > (the red box) so you can use the outer namespace's (not red box) > postrouting chain. There is no way that one will be skipped if you do > that. > > On Sun, May 20, 2018 at 9:48 AM, Martin Weinelt > <[email protected]> wrote: >> Hi everyone, >> >> I'm currently building my first NAT64 setup and have stumbled upon a >> problem. >> >> When I use our public IPv4 address as pool4 I can access the internet >> just fine, except that I additionally need to be able to reach some >> private ipv4 addresses over site-to-site tunnels as well, where that >> source address doesn't work. >> >> This is why I though of using a bunch of private IPv4 addresses to map >> the NAT64 against, so they'll work for the s2s tunnel and where I can >> additionally make use of NAT44 towards the internet. >> >> The issue is that IPv4 packets created by Jool do not seem to pass the >> nat postrouting chain in netfilter, where masquerading would happen. >> Instead I now have private IPv4 address being used as saddr towards the >> internet, which cannot work either. >> >> I'd appreciate some help! >> >> >> Best regards, >> >> Martin >> _______________________________________________ >> Jool-list mailing list >> [email protected] >> https://mail-lists.nic.mx/listas/listinfo/jool-list _______________________________________________ Jool-list mailing list [email protected] https://mail-lists.nic.mx/listas/listinfo/jool-list
