Also, I am not able to get jool compiled for my kernel at this time; I am dependant on a recent kernel, as I am using/testing bcachefs:
/sbin/dkms install jool-4.1.7/ Sign command: /lib/modules/6.7.0-rc4-bcachefs-kvm/build/scripts/sign-file Signing key: /var/lib/dkms/mok.key Public certificate (MOK): /var/lib/dkms/mok.pub Certificate or key are missing, generating self signed certificate for MOK... Creating symlink /var/lib/dkms/jool/4.1.7/source -> /usr/src/jool-4.1.7 Building module: Cleaning build area... make -j3 KERNELRELEASE=6.7.0-rc4-bcachefs-kvm -C /lib/modules/6.7.0-rc4-bcachefs-kvm/build M=/var/lib/dkms/jool/4.1.7/build/src/mod/common modules && make -C /lib/modules/6.7.0-rc4-bcachefs-kvm/build M=/var/lib/dkms/jool/4.1.7/build/src/mod/nat64 modules && make -C /lib/modules/6.7.0-rc4-bcachefs-kvm/build M=/var/lib/dkms/jool/4.1.7/build/src/mod/siit modules.....(bad exit status: 2) Error! Bad return status for module build on kernel: 6.7.0-rc4-bcachefs-kvm (x86_64) Consult /var/lib/dkms/jool/4.1.7/build/make.log for more information. root@potnia:/usr/local/src/unpacked# less /var/lib/dkms/jool/4.1.7/build/make.log On Sun, Dec 17, 2023 at 2:08 PM Rob Ert <[email protected]> wrote: > Hello all, > > I need IPv4 connectivity for my particular ipvlan server setup, and would > like to implement it with NAT64. > > Following are the specifics of my server setup: > > Hetzner VM (kvm based - one IPv4 and a /64 IPv6 subnet) with: > > multiple IPv6-only systemd-nspawn containerized machine instances > connected over ipvlan – host and guest systems are all Debian Trixie. > > The specifics of ipvlan are given here: > > https://people.netfilter.org/pablo/netdev0.1/papers/IPVLAN-The-beginning.pdf > > with the main point being (paraphrasing the original article): > > Traffic to and from the host master device (defaultns) cannot be sent to > and > from slaves. This can be worked-around by assigning one of the virtual > devices > to the host and eliminating the configuration on the master interface. > > ~# cat /etc/systemd/network/10-enp1s0.network > [Match] > Name=en* > [Network] > DHCP=no > LinkLocalAddressing=no > KeepConfiguration=yes > IPVLAN=iv-0 > > ~# cat /etc/systemd/network/20-iv-0.network > [Match] > Name=iv-0 > [Network] > DHCP=ipv4 > Address=2a01:4ff:xxxx:xxxx::1/64 > DNS=2a01:4ff:xxxx:xxxx::1 > Gateway=fe80::1 > > ~# cat /etc/systemd/nspawn/container.nspawn > [Exec] > PrivateUsers=off > Timezone=off > [Network] > IPVLAN=enp1s0 > ~# > > I have this setup and working nicely with WireGuard and Unbound/DNS64; I > am able > to access the wider Internet and the containerized machines over IPv6, > utilizing the > VM’s IPv6 connectivity, with my IPv4-only Internet connection. > > What I need now, is for the IPv6-only systemd-nspawn containerized machine > instances > connected over ipvlan to be able access IPv4-only hosts (e.g. github.com). > > I wasn’t able to get NAT64 working with my particular setup and my first > tries with tayga; > ping -6 github.com works on the host, but not on the IPv6-only > containers, as they don’t > automatically have access to the host's nat64 tun device among other > things. Is there any > chance jool would be easier to get working with this particular setup? > > Any pointer would be much appreciated. > > Best regards, > > Rob >
_______________________________________________ Jool-list mailing list [email protected] https://mail-lists.nic.mx/listas/listinfo/jool-list
