User Tools

Site Tools


documentation:examples:nat64

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:examples:nat64 [2019/06/06 18:31]
fabien [Stateless (stl)]
documentation:examples:nat64 [2020/01/02 19:36] (current)
olivier [Stateless (stl)]
Line 55: Line 55:
  
 <​code>​ <​code>​
-sysrc hostname=VM1 +sysrc hostname=VM1 ​\ 
-sysrc gateway_enable=NO + ​gateway_enable=NO ​\ 
-sysrc ipv6_gateway_enable=NO + ​ipv6_gateway_enable=NO ​\ 
-sysrc ifconfig_vtnet0_ipv6="​inet6 2001:​db8:​12::​1 prefixlen 64" + ​ifconfig_vtnet0_ipv6="​inet6 2001:​db8:​12::​1 prefixlen 64" ​\ 
-sysrc ipv6_defaultrouter="​2001:​db8:​12::​2"​+ ​ipv6_defaultrouter="​2001:​db8:​12::​2"​
 service hostname restart service hostname restart
 service netif restart service netif restart
Line 71: Line 71:
  
 <​code>​ <​code>​
-sysrc hostname=VM2 +sysrc hostname=VM2 ​\ 
-sysrc ifconfig_vtnet1="​inet 2.2.2.2/​24"​ + ​ifconfig_vtnet1="​inet 2.2.2.2/​24" ​\ 
-sysrc ifconfig_vtnet0_ipv6="​inet6 2001:​db8:​12::​2 prefixlen 64"+ ​ifconfig_vtnet0_ipv6="​inet6 2001:​db8:​12::​2 prefixlen 64"
 service hostname restart service hostname restart
 service netif restart service netif restart
Line 85: Line 85:
  
 <​code>​ <​code>​
-sysrc hostname=VM3 +sysrc hostname=VM3 ​\ 
-sysrc gateway_enable=NO + ​gateway_enable=NO ​\ 
-sysrc ipv6_gateway_enable=NO + ​ipv6_gateway_enable=NO ​\ 
-sysrc ifconfig_vtnet1="​inet 2.2.2.3/​24"​ + ​ifconfig_vtnet1="​inet 2.2.2.3/​24" ​\ 
-sysrc defaultrouter="​2.2.2.2"​+ ​defaultrouter="​2.2.2.2"​
 service hostname restart service hostname restart
 service netif restart service netif restart
Line 103: Line 103:
  
 <​code>​ <​code>​
-sysrc tayga_enable=yes+service tayga enable
 sed -i ""​ '​s/​192.168.255./​2.2.1./​g'​ /​usr/​local/​etc/​tayga.conf sed -i ""​ '​s/​192.168.255./​2.2.1./​g'​ /​usr/​local/​etc/​tayga.conf
 sed -i ""​ '​s/​2001:​db8:​1:​ffff::/​64:​ff9b::/​g'​ /​usr/​local/​etc/​tayga.conf sed -i ""​ '​s/​2001:​db8:​1:​ffff::/​64:​ff9b::/​g'​ /​usr/​local/​etc/​tayga.conf
Line 131: Line 131:
 </​code>​ </​code>​
 ==== Testing ==== ==== Testing ====
 +
 +From VM4, start a tcpdump to check IPv4 source address seen by VM3:
 +
 +<​code>​
 +[root@VM3]~#​ tcpdump -c 2 -pni vtnet1
 +tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
 +listening on vtnet1, link-type EN10MB (Ethernet), capture size 262144 bytes
 +...
 +</​code>​
  
 From VM1 (IPv6 only host), ping NAT64 IPv6 address corresponding to VM3 IPv4 address: From VM1 (IPv6 only host), ping NAT64 IPv6 address corresponding to VM3 IPv4 address:
Line 146: Line 155:
 </​code>​ </​code>​
  
-And check IPv4 source ​address seen by VM3: +From VM3, check source ​IP addresses of ICMP:
 <​code>​ <​code>​
-[root@VM3]~#​ tcpdump -c 2 -pni vtnet1 +...
-tcpdump: verbose output suppressed, use -v or -vv for full protocol decode +
-listening on vtnet1, link-type EN10MB (Ethernet), capture size 262144 bytes+
 17:​43:​03.094975 IP 2.2.1.249 > 2.2.2.3: ICMP echo request, id 6575, seq 0, length 16 17:​43:​03.094975 IP 2.2.1.249 > 2.2.2.3: ICMP echo request, id 6575, seq 0, length 16
 17:​43:​03.094983 IP 2.2.2.3 > 2.2.1.249: ICMP echo reply, id 6575, seq 0, length 16 17:​43:​03.094983 IP 2.2.2.3 > 2.2.1.249: ICMP echo reply, id 6575, seq 0, length 16
Line 158: Line 164:
 0 packets dropped by kernel 0 packets dropped by kernel
 </​code>​ </​code>​
- 
 ===== IPFW NAT64 (kernel space) ===== ===== IPFW NAT64 (kernel space) =====
  
Line 170: Line 175:
  
 <​code>​ <​code>​
-sysrc firewall_enable=YES+service ipfw enable
 sysrc firewall_script="/​etc/​ipfw.rules"​ sysrc firewall_script="/​etc/​ipfw.rules"​
 echo "# Temporary fix to avoid panicing a 12-stable:"​ >> /​etc/​sysctl.conf echo "# Temporary fix to avoid panicing a 12-stable:"​ >> /​etc/​sysctl.conf
Line 224: Line 229:
  
 <​code>​ <​code>​
-sysrc firewall_enable=YES+service ipfw enable
 sysrc firewall_script="/​etc/​ipfw.rules"​ sysrc firewall_script="/​etc/​ipfw.rules"​
  
Line 263: Line 268:
 From IPv4 only host, ping NAT64 IPv4 address corresponding to VM3 IPv6 address: From IPv4 only host, ping NAT64 IPv4 address corresponding to VM3 IPv6 address:
 <​code>​ <​code>​
-[root@v4TST64]~# ping -c 3 2.2.1.1+[root@VM3]~# ping -c 3 2.2.1.1
 PING 2.2.1.1 (2.2.1.1): 56 data bytes PING 2.2.1.1 (2.2.1.1): 56 data bytes
 64 bytes from 2.2.1.1: icmp_seq=0 ttl=63 time=17.147 ms 64 bytes from 2.2.1.1: icmp_seq=0 ttl=63 time=17.147 ms
Line 274: Line 279:
 </​code>​ </​code>​
  
-And check on VM3+And check on the NAT router VM2 some stats:
  
 <​code>​ <​code>​
-[root@rTST64]~# ipfw nat64stl NAT64 stats+[root@VM2]~# ipfw nat64stl NAT64 stats
 nat64stl NAT64 nat64stl NAT64
         6 packets translated from IPv6 to IPv4         6 packets translated from IPv6 to IPv4
documentation/examples/nat64.1559838694.txt.gz · Last modified: 2019/06/06 18:31 by fabien