You might be right. The use case I see is:
- computer/system x has legacy apps installed - computer/system x just installs jool and maps v4 addresses into port range - legacy apps now can run on IPv6 only hosts So very similar operation to https://github.com/toreanderson/clatd. Which, for no surprise, currently relies on tayga. Cheers, Nico Alberto Leiva <[email protected]> writes: > I understand that you can enable IPv4 inside IPv6 only networks for > applications by doing the network namespace trick. > I don't see LOCAL_OUT as a new feature, but rather as an easier means > to do something that's already supported. > > On Mon, Jun 29, 2020 at 8:11 AM Nico Schottelius > <[email protected]> wrote: >> >> >> A note from my side: as soon as Jool has LOCAL_OUT support, it can act >> to enable IPv4 inside IPv6 only networks for applications - so quite a >> huge use case added. >> >> My 2 Swiss Rappen, >> >> Nico >> >> Alberto Leiva via Jool-list <[email protected]> writes: >> >> > Hi >> > >> > Jool is currently hardcoded to only accept attachments to PREROUTING: >> > [0]. You cannot attach it to LOCAL_OUT. This means Jool cannot catch >> > packets generated by its own machine. >> > If you want Jool in LOCAL_OUT, please request the feature: [1] >> > Alternatively, you can enclose Jool in a network namespace: [2] >> > >> > Good luck, >> > Alberto >> > >> > [0] https://github.com/NICMx/Jool/blob/master/src/mod/common/xlator.c#L33 >> > [1] https://github.com/NICMx/Jool >> > [2] https://jool.mx/en/node-based-translation.html >> > >> > On Sun, Jun 28, 2020 at 2:16 PM Ben Hardill via Jool-list >> > <[email protected]> wrote: >> >> >> >> Hi, >> >> >> >> I've been using Jool as part of a desktop ISP I've been playing with. I >> >> have a Pi as a PPPoE concentrator, another acting as a home PPPoE router >> >> and finally a third acting as a end user device (e.g. laptop/phone). >> >> >> >> I have a SIIT instance running on the router device mapping the local >> >> IPv4 range with the IPv6 prefix and the reveres mapping happening on the >> >> PPPoE concentrator. This is all working well with the end user device >> >> able to access the IPv4 address space. >> >> >> >> >> >> ************** 1 ************** 2 ************** >> >> * isp * <-----> * router * <-----> * laptop * >> >> ************** ************** ************** >> >> >> >> >> >> 1. IPv6 only >> >> 2. IPv4 & IPv6 >> >> >> >> isp >> >> --- >> >> >> >> eth0 -> WAN IPv4 and IPv6 to the world >> >> >> >> eth1 -> PPPoE to router >> >> >> >> jool -> >> >> jool instance add "example" --iptables --pool6 64:ff9b::/96 >> >> >> >> ip6tables -t mangle -A PREROUTING -j JOOL --instance "example" >> >> iptables -t mangle -A PREROUTING -j JOOL --instance "example" >> >> >> >> jool -i "example" pool4 add -i 192.168.1.94 61000-65535 >> >> jool -i "example" pool4 add -t 192.168.1.94 61000-65535 >> >> jool -i "example" pool4 add -u 192.168.1.94 61000-65535 >> >> >> >> >> >> >> >> router >> >> ------ >> >> >> >> eth0 -> PPPoE to ISP comes with only a IPv6 and a 2 delegated IPv6 >> >> ranges, fd12:3456:789a:2::/64 for handing out to LAN device and >> >> fd12:3456:789a:f464:2::/96 to use as the prefix for the 464 translation >> >> >> >> eth1 -> 10.66.0.1/24 with >> >> - DHCP handing out the rest of 10.66.0.0/24 to the LAN >> >> - RADVD handing out /64 >> >> >> >> jool -> >> >> jool_siit instance add "example" --iptables --pool6 64:ff9b::/96 >> >> jool_siit -i "example" eamt add fd12:3456:789a:f464:2::/96 >> >> 10.66.0.0/24 >> >> ip6tables -t mangle -A PREROUTING -j JOOL_SIIT --instance "example" >> >> iptables -t mangle -A PREROUTING -j JOOL_SIIT --instance "example" >> >> >> >> >> >> The problem is on the router device, since it only has a IPv6 link to >> >> outside world and no IPv4 default route, I'm having problems reaching >> >> IPv4 addresses from the router. >> >> >> >> Can anybody suggest what iptables rules and/or route I need to add so >> >> IPv4 traffic from the router gets mapped through jool? >> >> >> >> >> >> Thank, >> >> >> >> Ben >> >> -- >> >> http://www.hardill.me.uk/wordpress >> >> http://about.me/hardillb >> >> http://flickr.com/photos/hardillb/ >> >> http://last.fm/user/hardillb >> >> https://keybase.io/hardillb >> >> _______________________________________________ >> >> Jool-list mailing list >> >> [email protected] >> >> https://mail-lists.nic.mx/listas/listinfo/jool-list >> > _______________________________________________ >> > Jool-list mailing list >> > [email protected] >> > https://mail-lists.nic.mx/listas/listinfo/jool-list >> >> >> -- >> Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch -- Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch _______________________________________________ Jool-list mailing list [email protected] https://mail-lists.nic.mx/listas/listinfo/jool-list
