|
List Info
Thread: stf(4) and NAT protocol forwarding
|
|
| stf(4) and NAT protocol forwarding |
|
2006-04-04 22:19:35 |
On Mon, Jan 09, 2006 at 10:10:36AM +0100, Pavel Cahyna
wrote:
> On Sat, Jan 07, 2006 at 10:57:17PM -0600, Jonathan A.
Kollasch wrote:
> > Hi,
> > Because my ADSL gateway (running OpenWrt
Busybox/Linux\ 2.4)
> > isn't providing me with stable 6to4 connectivity
(long story, not
> > on topic here) I've decided to switch my 6to4
router back to NetBSD.
> >
> > I've got full control over iptables on the ADSL
gateway, thus I
> > can do protocol forwarding. However, I can't get
stf(4) to accept
> > packets directed at its private IPv4 address.
I'm using the binat
>
> I can only say that it works for me in 3.0.
>
> ipnat.conf :
>
> bimap ex0 xx.xx.xx.xx/32 -> 10.11.53.78/32 ipv6
For the record I'm now using the PF rule:
binat on ex0 proto ipv6 from xx.xx.xx.xx/32 to any ->
10.11.53.78/32
>
> ifconfig.stf0:
>
> create
> inet6 2002 xxxxxx::
1 prefixlen 16 up
>
> ifconfig.lo0:
>
> inet xx.xx.xx.xx prefixlen 32 alias
>
> (xxxxxxx
is the hex representation of xx.xx.xx.xx).
>
> > rule as suggested the last time this subject came
up, it seems to
> > let the packets get out. I've tried using the
link2 bit on stf0
>
> Is the source address set to your private address, or
to the public one?
> (when seen by tcpdump). If it is the public one, it
means that NAT is not
> working.
>
> Bye Pavel
|
|
| stf(4) and NAT protocol forwarding |
|
2006-04-05 06:41:45 |
On Tue, Apr 04, 2006 at 05:19:35PM -0500, Jonathan A.
Kollasch wrote:
> On Mon, Jan 09, 2006 at 10:10:36AM +0100, Pavel Cahyna
wrote:
> > On Sat, Jan 07, 2006 at 10:57:17PM -0600, Jonathan
A. Kollasch wrote:
> > > Hi,
> > > Because my ADSL gateway (running OpenWrt
Busybox/Linux\ 2.4)
> > > isn't providing me with stable 6to4
connectivity (long story, not
> > > on topic here) I've decided to switch my
6to4 router back to NetBSD.
> > >
> > > I've got full control over iptables on the
ADSL gateway, thus I
> > > can do protocol forwarding. However, I
can't get stf(4) to accept
> > > packets directed at its private IPv4 address.
I'm using the binat
> >
> > I can only say that it works for me in 3.0.
> >
> > ipnat.conf :
> >
> > bimap ex0 xx.xx.xx.xx/32 -> 10.11.53.78/32 ipv6
>
>
> For the record I'm now using the PF rule:
>
> binat on ex0 proto ipv6 from xx.xx.xx.xx/32 to any
-> 10.11.53.78/32
What did help? Using PF instead of IPF?
Pavel
|
|
| stf(4) and NAT protocol forwarding |
|
2006-04-05 07:37:42 |
On Wed, Apr 05, 2006 at 08:41:45AM +0200, Pavel Cahyna
wrote:
> On Tue, Apr 04, 2006 at 05:19:35PM -0500, Jonathan A.
Kollasch wrote:
> > On Mon, Jan 09, 2006 at 10:10:36AM +0100, Pavel
Cahyna wrote:
~ ~ ~
> > > I can only say that it works for me in 3.0.
> > >
> > > ipnat.conf :
> > >
> > > bimap ex0 xx.xx.xx.xx/32 -> 10.11.53.78/32
ipv6
> >
> >
> > For the record I'm now using the PF rule:
> >
> > binat on ex0 proto ipv6 from xx.xx.xx.xx/32 to any
-> 10.11.53.78/32
>
> What did help? Using PF instead of IPF?
No, the IPF worked fine, I'm just preparing for the
eventuality that IPF
is the non-default packet filter. (Yes, I know that'll
probably 5.0 or
later.) I had to trial and error the PF binat rule until it
worked,
so I thought others might like to know.
Jonathan Kollasch
|
|
[1-3]
|
|
|
about | contact Other archives ( Real Estate discussion Medical topics )
|