Re: IPv4 traffic over IPv6 tunnel approach
I have IPv6 point to point connection. Going to transmit IPv4 inside IPv6 tunnel. client has IPv6 ::::2 gateway has IPv6 ::::1 Martin ‐‐‐ Original Message ‐‐‐ On Friday, May 8, 2020 8:55 PM, Brian Brombacher wrote: > From your description, you want to pass IPv4 inside a tunnel that has an > outer protocol of IPv6. Your resulting hostname.gif0 looks like the exact > opposite of your description (IPv6 inside the tunnel with IPv4 outer). > > Clarify what you need please. Provide your existing hostname.if files for the > other interfaces if you need to. > > > On May 8, 2020, at 3:09 PM, Martin martin...@protonmail.com wrote: > > Last thing I have to understand about gif(4) and IPv6 tunneling. > > Should I set gif(4) 'inet6 alias' = the same IPv6 of the local end of IPv6 > > tunnel interface or just set 'inet6 alias' for gif(4) in tunnel's IPv6 > > subnet? > > Martin > > ‐‐‐ Original Message ‐‐‐ > > > > > > On Friday, May 8, 2020 4:41 PM, Tom Smyth tom.sm...@wirelessconnect.eu > > > > wrote: > > > > Hi Martin, > > > > If I understand your question correctly > > > > you need 2 endpoints to the tunnel... > > > > for gif(4) or any gre((4) based tunnel > > > > you need the interface setup on both the client and the server (gateway) > > > > if you have a gateway serving multiple clients... then you need one > > > > interface per client that you intend to connect > > > > Thanks > > > > Tom Smyth > > > > On Fri, 8 May 2020 at 17:38, Martin martin...@protonmail.com wrote: > > > > Thanks for confirmation. > > > > Hope I understand gif(4) functionality right from its configuration. > > > > Can I set /etc/hostname.gif0 from client's side only like below: > > > > /etc/hostname.gif0 > > > > tunnel 10.20.30.40 195.203.212.221 > > > > inet6 alias 2001:05a8::0001::::8542 128 > > > > dest 2001:05a8::0001::::8541 > > > > where > > > > tunnel 10.20.30.40 is client's address, 195.203.212.221 gateway machine > > > > egress IPv4 > > > > inet6 alias is the same IPv6 address of client's IPv6 local interface > > > > or an IPv6 address in the same subnet. > > > > dest IPv6 is a destination IPv6 interface address of gateway machine. > > > > Do I need to setup gif0 on gateway machine to have encapsulation > > > > working? > > > > Martin > > > > ‐‐‐ Original Message ‐‐‐ > > > > > > > > > On Friday, May 8, 2020 1:43 PM, Kristjan Komlosi > > > > > kristjan.koml...@gmail.com wrote: > > > > > gif(4) should work fine, as it's designed to do what you described. > > > > > The > > > > > best approach depends on the level of security you want to achieve. > > > > > IPIP > > > > > tunnels aren't encrypted... > > > > > regards, kristjan > > > > > On 5/8/20 3:32 PM, Martin wrote: > > > > > > > > > > > I have IPv6 unidirectional tunnel between two machines. One of them > > > > > > is gateway, another one is a client. > > > > > > The goal is to route IPv4 packets over IPv6 tunnel from client to > > > > > > gateway and NAT IPv4 packet to egress on gateway machine. > > > > > > May I use gif(4) for it or what is the best approach to traverse > > > > > > IPv4 packets over IPv6 tun? > > > > > > Martin > > > > > > -- > > > > > > Kindest regards, > > > > > > Tom Smyth.
Re: IPv4 traffic over IPv6 tunnel approach
Martin If I understand your question correctly ... PC1 --IPV6 Gateway1 so you have a public ipv6 address on PC1 and Gateway 1 hostname.gif should specify the real ipv6 address of PC1 and the real IPv6 address of gateway1 in it to establish the tunnel #setup the tunnel interface with a command similar to the following ifconfig gif1 tunnel PC1-IPV6Gateway1-IPV6 #setup an ip address (ipv4) on the gif tunnel ifconfig gif1 inet PC1-IPv4address/subnetmask and do the the gateway ifconfig gif1 tunnel Gateway1-IPV6 PC1-IPV6 setup gateway ipv4 address on tunnel interface you just cratesed ifconfig gif1 inet PC1-IPv4address/subnetmask then you just need to add a default IPv4 Route on the client to the gateway On Fri, 8 May 2020 at 20:05, Martin wrote: > > Last thing I have to understand about gif(4) and IPv6 tunneling. > > Should I set gif(4) 'inet6 alias' = the same IPv6 of the local end of IPv6 > tunnel interface or just set 'inet6 alias' for gif(4) in tunnel's IPv6 subnet? > > Martin > > ‐‐‐ Original Message ‐‐‐ > On Friday, May 8, 2020 4:41 PM, Tom Smyth > wrote: > > > Hi Martin, > > If I understand your question correctly > > > > you need 2 endpoints to the tunnel... > > > > for gif(4) or any gre((4) based tunnel > > you need the interface setup on both the client and the server (gateway) > > > > if you have a gateway serving multiple clients... then you need one > > interface per client that you intend to connect > > Thanks > > Tom Smyth > > > > On Fri, 8 May 2020 at 17:38, Martin martin...@protonmail.com wrote: > > > > > Thanks for confirmation. > > > Hope I understand gif(4) functionality right from its configuration. Can > > > I set /etc/hostname.gif0 from client's side only like below: > > > /etc/hostname.gif0 > > > tunnel 10.20.30.40 195.203.212.221 > > > inet6 alias 2001:05a8::0001::::8542 128 > > > dest 2001:05a8::0001::::8541 > > > where > > > tunnel 10.20.30.40 is client's address, 195.203.212.221 gateway machine > > > egress IPv4 > > > inet6 alias is the same IPv6 address of client's IPv6 local interface or > > > an IPv6 address in the same subnet. > > > dest IPv6 is a destination IPv6 interface address of gateway machine. > > > Do I need to setup gif0 on gateway machine to have encapsulation working? > > > Martin > > > ‐‐‐ Original Message ‐‐‐ > > > On Friday, May 8, 2020 1:43 PM, Kristjan Komlosi > > > kristjan.koml...@gmail.com wrote: > > > > > > > gif(4) should work fine, as it's designed to do what you described. The > > > > best approach depends on the level of security you want to achieve. IPIP > > > > tunnels aren't encrypted... > > > > regards, kristjan > > > > On 5/8/20 3:32 PM, Martin wrote: > > > > > > > > > I have IPv6 unidirectional tunnel between two machines. One of them > > > > > is gateway, another one is a client. > > > > > The goal is to route IPv4 packets over IPv6 tunnel from client to > > > > > gateway and NAT IPv4 packet to egress on gateway machine. > > > > > May I use gif(4) for it or what is the best approach to traverse IPv4 > > > > > packets over IPv6 tun? > > > > > Martin > > > > -- > > > > Kindest regards, > > Tom Smyth. > > -- Kindest regards, Tom Smyth.
Re: IPv4 traffic over IPv6 tunnel approach
Last thing I have to understand about gif(4) and IPv6 tunneling. Should I set gif(4) 'inet6 alias' = the same IPv6 of the local end of IPv6 tunnel interface or just set 'inet6 alias' for gif(4) in tunnel's IPv6 subnet? Martin ‐‐‐ Original Message ‐‐‐ On Friday, May 8, 2020 4:41 PM, Tom Smyth wrote: > Hi Martin, > If I understand your question correctly > > you need 2 endpoints to the tunnel... > > for gif(4) or any gre((4) based tunnel > you need the interface setup on both the client and the server (gateway) > > if you have a gateway serving multiple clients... then you need one > interface per client that you intend to connect > Thanks > Tom Smyth > > On Fri, 8 May 2020 at 17:38, Martin martin...@protonmail.com wrote: > > > Thanks for confirmation. > > Hope I understand gif(4) functionality right from its configuration. Can I > > set /etc/hostname.gif0 from client's side only like below: > > /etc/hostname.gif0 > > tunnel 10.20.30.40 195.203.212.221 > > inet6 alias 2001:05a8::0001::::8542 128 > > dest 2001:05a8::0001::::8541 > > where > > tunnel 10.20.30.40 is client's address, 195.203.212.221 gateway machine > > egress IPv4 > > inet6 alias is the same IPv6 address of client's IPv6 local interface or an > > IPv6 address in the same subnet. > > dest IPv6 is a destination IPv6 interface address of gateway machine. > > Do I need to setup gif0 on gateway machine to have encapsulation working? > > Martin > > ‐‐‐ Original Message ‐‐‐ > > On Friday, May 8, 2020 1:43 PM, Kristjan Komlosi kristjan.koml...@gmail.com > > wrote: > > > > > gif(4) should work fine, as it's designed to do what you described. The > > > best approach depends on the level of security you want to achieve. IPIP > > > tunnels aren't encrypted... > > > regards, kristjan > > > On 5/8/20 3:32 PM, Martin wrote: > > > > > > > I have IPv6 unidirectional tunnel between two machines. One of them is > > > > gateway, another one is a client. > > > > The goal is to route IPv4 packets over IPv6 tunnel from client to > > > > gateway and NAT IPv4 packet to egress on gateway machine. > > > > May I use gif(4) for it or what is the best approach to traverse IPv4 > > > > packets over IPv6 tun? > > > > Martin > > -- > > Kindest regards, > Tom Smyth.
Re: IPv4 traffic over IPv6 tunnel approach
>From your description, you want to pass IPv4 inside a tunnel that has an outer >protocol of IPv6. Your resulting hostname.gif0 looks like the exact opposite >of your description (IPv6 inside the tunnel with IPv4 outer). Clarify what you need please. Provide your existing hostname.if files for the other interfaces if you need to. > On May 8, 2020, at 3:09 PM, Martin wrote: > > Last thing I have to understand about gif(4) and IPv6 tunneling. > > Should I set gif(4) 'inet6 alias' = the same IPv6 of the local end of IPv6 > tunnel interface or just set 'inet6 alias' for gif(4) in tunnel's IPv6 subnet? > > Martin > > ‐‐‐ Original Message ‐‐‐ >>> On Friday, May 8, 2020 4:41 PM, Tom Smyth >>> wrote: >> Hi Martin, >> If I understand your question correctly >> you need 2 endpoints to the tunnel... >> for gif(4) or any gre((4) based tunnel >> you need the interface setup on both the client and the server (gateway) >> if you have a gateway serving multiple clients... then you need one >> interface per client that you intend to connect >> Thanks >> Tom Smyth >>> On Fri, 8 May 2020 at 17:38, Martin martin...@protonmail.com wrote: >>> Thanks for confirmation. >>> Hope I understand gif(4) functionality right from its configuration. Can I >>> set /etc/hostname.gif0 from client's side only like below: >>> /etc/hostname.gif0 >>> tunnel 10.20.30.40 195.203.212.221 >>> inet6 alias 2001:05a8::0001::::8542 128 >>> dest 2001:05a8::0001::::8541 >>> where >>> tunnel 10.20.30.40 is client's address, 195.203.212.221 gateway machine >>> egress IPv4 >>> inet6 alias is the same IPv6 address of client's IPv6 local interface or an >>> IPv6 address in the same subnet. >>> dest IPv6 is a destination IPv6 interface address of gateway machine. >>> Do I need to setup gif0 on gateway machine to have encapsulation working? >>> Martin >>> ‐‐‐ Original Message ‐‐‐ On Friday, May 8, 2020 1:43 PM, Kristjan Komlosi kristjan.koml...@gmail.com wrote: gif(4) should work fine, as it's designed to do what you described. The best approach depends on the level of security you want to achieve. IPIP tunnels aren't encrypted... regards, kristjan On 5/8/20 3:32 PM, Martin wrote: > I have IPv6 unidirectional tunnel between two machines. One of them is > gateway, another one is a client. > The goal is to route IPv4 packets over IPv6 tunnel from client to gateway > and NAT IPv4 packet to egress on gateway machine. > May I use gif(4) for it or what is the best approach to traverse IPv4 > packets over IPv6 tun? > Martin >> -- >> Kindest regards, >> Tom Smyth.
Re: IPv4 traffic over IPv6 tunnel approach
Thanks for confirmation. Hope I understand gif(4) functionality right from its configuration. Can I set /etc/hostname.gif0 from client's side only like below: /etc/hostname.gif0 tunnel 10.20.30.40 195.203.212.221 inet6 alias 2001:05a8::0001::::8542 128 dest 2001:05a8::0001::::8541 where tunnel 10.20.30.40 is client's address, 195.203.212.221 gateway machine egress IPv4 inet6 alias is the same IPv6 address of client's IPv6 local interface or an IPv6 address in the same subnet. dest IPv6 is a destination IPv6 interface address of gateway machine. Do I need to setup gif0 on gateway machine to have encapsulation working? Martin ‐‐‐ Original Message ‐‐‐ On Friday, May 8, 2020 1:43 PM, Kristjan Komlosi wrote: > gif(4) should work fine, as it's designed to do what you described. The > best approach depends on the level of security you want to achieve. IPIP > tunnels aren't encrypted... > > regards, kristjan > > On 5/8/20 3:32 PM, Martin wrote: > > > I have IPv6 unidirectional tunnel between two machines. One of them is > > gateway, another one is a client. > > The goal is to route IPv4 packets over IPv6 tunnel from client to gateway > > and NAT IPv4 packet to egress on gateway machine. > > May I use gif(4) for it or what is the best approach to traverse IPv4 > > packets over IPv6 tun? > > Martin
IPv4 traffic over IPv6 tunnel approach
I have IPv6 unidirectional tunnel between two machines. One of them is gateway, another one is a client. The goal is to route IPv4 packets over IPv6 tunnel from client to gateway and NAT IPv4 packet to egress on gateway machine. May I use gif(4) for it or what is the best approach to traverse IPv4 packets over IPv6 tun? Martin
Re: IPv4 traffic over IPv6 tunnel approach
Hi Martin, If I understand your question correctly you need 2 endpoints to the tunnel... for gif(4) or any gre((4) based tunnel you need the interface setup on both the client and the server (gateway) if you have a gateway serving multiple clients... then you need one interface per client that you intend to connect Thanks Tom Smyth On Fri, 8 May 2020 at 17:38, Martin wrote: > > Thanks for confirmation. > > Hope I understand gif(4) functionality right from its configuration. Can I > set /etc/hostname.gif0 from client's side only like below: > > /etc/hostname.gif0 > tunnel 10.20.30.40 195.203.212.221 > inet6 alias 2001:05a8::0001::::8542 128 > dest 2001:05a8::0001::::8541 > > where > tunnel 10.20.30.40 is client's address, 195.203.212.221 gateway machine > egress IPv4 > inet6 alias is the same IPv6 address of client's IPv6 local interface or an > IPv6 address in the same subnet. > dest IPv6 is a destination IPv6 interface address of gateway machine. > > Do I need to setup gif0 on gateway machine to have encapsulation working? > > Martin > > ‐‐‐ Original Message ‐‐‐ > On Friday, May 8, 2020 1:43 PM, Kristjan Komlosi > wrote: > > > gif(4) should work fine, as it's designed to do what you described. The > > best approach depends on the level of security you want to achieve. IPIP > > tunnels aren't encrypted... > > > > regards, kristjan > > > > On 5/8/20 3:32 PM, Martin wrote: > > > > > I have IPv6 unidirectional tunnel between two machines. One of them is > > > gateway, another one is a client. > > > The goal is to route IPv4 packets over IPv6 tunnel from client to gateway > > > and NAT IPv4 packet to egress on gateway machine. > > > May I use gif(4) for it or what is the best approach to traverse IPv4 > > > packets over IPv6 tun? > > > Martin > > -- Kindest regards, Tom Smyth.
Re: IPv4 traffic over IPv6 tunnel approach
gif(4) should work fine, as it's designed to do what you described. The best approach depends on the level of security you want to achieve. IPIP tunnels aren't encrypted... regards, kristjan On 5/8/20 3:32 PM, Martin wrote: > I have IPv6 unidirectional tunnel between two machines. One of them is > gateway, another one is a client. > The goal is to route IPv4 packets over IPv6 tunnel from client to gateway and > NAT IPv4 packet to egress on gateway machine. > > May I use gif(4) for it or what is the best approach to traverse IPv4 packets > over IPv6 tun? > > Martin >
