A note from my side: as soon as Jool has LOCAL_OUT support, it can act to enable IPv4 inside IPv6 only networks for applications - so quite a huge use case added.
My 2 Swiss Rappen, Nico Alberto Leiva via Jool-list <[email protected]> writes: > Hi > > Jool is currently hardcoded to only accept attachments to PREROUTING: > [0]. You cannot attach it to LOCAL_OUT. This means Jool cannot catch > packets generated by its own machine. > If you want Jool in LOCAL_OUT, please request the feature: [1] > Alternatively, you can enclose Jool in a network namespace: [2] > > Good luck, > Alberto > > [0] https://github.com/NICMx/Jool/blob/master/src/mod/common/xlator.c#L33 > [1] https://github.com/NICMx/Jool > [2] https://jool.mx/en/node-based-translation.html > > On Sun, Jun 28, 2020 at 2:16 PM Ben Hardill via Jool-list > <[email protected]> wrote: >> >> Hi, >> >> I've been using Jool as part of a desktop ISP I've been playing with. I >> have a Pi as a PPPoE concentrator, another acting as a home PPPoE router >> and finally a third acting as a end user device (e.g. laptop/phone). >> >> I have a SIIT instance running on the router device mapping the local >> IPv4 range with the IPv6 prefix and the reveres mapping happening on the >> PPPoE concentrator. This is all working well with the end user device >> able to access the IPv4 address space. >> >> >> ************** 1 ************** 2 ************** >> * isp * <-----> * router * <-----> * laptop * >> ************** ************** ************** >> >> >> 1. IPv6 only >> 2. IPv4 & IPv6 >> >> isp >> --- >> >> eth0 -> WAN IPv4 and IPv6 to the world >> >> eth1 -> PPPoE to router >> >> jool -> >> jool instance add "example" --iptables --pool6 64:ff9b::/96 >> >> ip6tables -t mangle -A PREROUTING -j JOOL --instance "example" >> iptables -t mangle -A PREROUTING -j JOOL --instance "example" >> >> jool -i "example" pool4 add -i 192.168.1.94 61000-65535 >> jool -i "example" pool4 add -t 192.168.1.94 61000-65535 >> jool -i "example" pool4 add -u 192.168.1.94 61000-65535 >> >> >> >> router >> ------ >> >> eth0 -> PPPoE to ISP comes with only a IPv6 and a 2 delegated IPv6 >> ranges, fd12:3456:789a:2::/64 for handing out to LAN device and >> fd12:3456:789a:f464:2::/96 to use as the prefix for the 464 translation >> >> eth1 -> 10.66.0.1/24 with >> - DHCP handing out the rest of 10.66.0.0/24 to the LAN >> - RADVD handing out /64 >> >> jool -> >> jool_siit instance add "example" --iptables --pool6 64:ff9b::/96 >> jool_siit -i "example" eamt add fd12:3456:789a:f464:2::/96 10.66.0.0/24 >> ip6tables -t mangle -A PREROUTING -j JOOL_SIIT --instance "example" >> iptables -t mangle -A PREROUTING -j JOOL_SIIT --instance "example" >> >> >> The problem is on the router device, since it only has a IPv6 link to >> outside world and no IPv4 default route, I'm having problems reaching >> IPv4 addresses from the router. >> >> Can anybody suggest what iptables rules and/or route I need to add so >> IPv4 traffic from the router gets mapped through jool? >> >> >> Thank, >> >> Ben >> -- >> http://www.hardill.me.uk/wordpress >> http://about.me/hardillb >> http://flickr.com/photos/hardillb/ >> http://last.fm/user/hardillb >> https://keybase.io/hardillb >> _______________________________________________ >> Jool-list mailing list >> [email protected] >> https://mail-lists.nic.mx/listas/listinfo/jool-list > _______________________________________________ > Jool-list mailing list > [email protected] > https://mail-lists.nic.mx/listas/listinfo/jool-list -- Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch _______________________________________________ Jool-list mailing list [email protected] https://mail-lists.nic.mx/listas/listinfo/jool-list
