Hi,

Jool is currently hardcoded to only accept attachments to PREROUTING: [0]. You cannot attach it to LOCAL_OUT. This means Jool cannot catch packets generated by its own machine.

If you want Jool in LOCAL_OUT, please request the feature: [1]

Alternatively, you can enclose Jool in a network namespace: [2]

Good luck,
Alberto

[0] https://github.com/NICMx/Jool/blob/master/src/mod/common/xlator.c#L33
[1] https://github.com/NICMx/Jool
[2] https://jool.mx/en/node-based-translation.html

On Sun, Jun 28, 2020 at 2:16 PM Ben Hardill via Jool-list <[email protected]> wrote:
>
> Hi,
>
> I've been using Jool as part of a desktop ISP I've been playing with. I
> have a Pi as a PPPoE concentrator, another acting as a home PPPoE router
> and finally a third acting as an end user device (e.g. laptop/phone).
>
> I have a SIIT instance running on the router device mapping the local
> IPv4 range with the IPv6 prefix and the reverse mapping happening on the
> PPPoE concentrator. This is all working well with the end user device
> able to access the IPv4 address space.
>
>
> **************    1    **************    2    **************
> *    isp     * <-----> *   router   * <-----> *   laptop   *
> **************         **************         **************
>
>
> 1. IPv6 only
> 2. IPv4 & IPv6
>
> isp
> ---
>
> eth0 -> WAN IPv4 and IPv6 to the world
>
> eth1 -> PPPoE to router
>
> jool ->
> jool instance add "example" --iptables --pool6 64:ff9b::/96
>
> ip6tables -t mangle -A PREROUTING -j JOOL --instance "example"
> iptables -t mangle -A PREROUTING -j JOOL --instance "example"
>
> jool -i "example" pool4 add -i 192.168.1.94 61000-65535
> jool -i "example" pool4 add -t 192.168.1.94 61000-65535
> jool -i "example" pool4 add -u 192.168.1.94 61000-65535
>
>
>
> router
> ------
>
> eth0 -> PPPoE to ISP comes with only an IPv6 and 2 delegated IPv6
> ranges, fd12:3456:789a:2::/64 for handing out to LAN device and
> fd12:3456:789a:f464:2::/96 to use as the prefix for the 464 translation
>
> eth1 -> 10.66.0.1/24 with
> - DHCP handing out the rest of 10.66.0.0/24 to the LAN
> - RADVD handing out /64
>
> jool ->
> jool_siit instance add "example" --iptables --pool6 64:ff9b::/96
> jool_siit -i "example" eamt add fd12:3456:789a:f464:2::/96 10.66.0.0/24
> ip6tables -t mangle -A PREROUTING -j JOOL_SIIT --instance "example"
> iptables -t mangle -A PREROUTING -j JOOL_SIIT --instance "example"
>
>
> The problem is on the router device, since it only has an IPv6 link to
> the outside world and no IPv4 default route, I'm having problems reaching
> IPv4 addresses from the router.
>
> Can anybody suggest what iptables rules and/or route I need to add so
> IPv4 traffic from the router gets mapped through jool?
>
>
> Thanks,
>
> Ben
> --
> http://www.hardill.me.uk/wordpress
> http://about.me/hardillb
> http://flickr.com/photos/hardillb/
> http://last.fm/user/hardillb
> https://keybase.io/hardillb
> _______________________________________________
> Jool-list mailing list
> [email protected]
> https://mail-lists.nic.mx/listas/listinfo/jool-list
