User Tools

Site Tools


documentation:examples:nat64

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
documentation:examples:nat64 [2019/06/06 18:31] – [Stateless (stl)] fabiendocumentation:examples:nat64 [2020/01/02 19:36] (current) – [Stateless (stl)] olivier
Line 55: Line 55:
  
 <code> <code>
-sysrc hostname=VM1 +sysrc hostname=VM1 \ 
-sysrc gateway_enable=NO + gateway_enable=NO \ 
-sysrc ipv6_gateway_enable=NO + ipv6_gateway_enable=NO \ 
-sysrc ifconfig_vtnet0_ipv6="inet6 2001:db8:12::1 prefixlen 64" + ifconfig_vtnet0_ipv6="inet6 2001:db8:12::1 prefixlen 64" \ 
-sysrc ipv6_defaultrouter="2001:db8:12::2"+ ipv6_defaultrouter="2001:db8:12::2"
 service hostname restart service hostname restart
 service netif restart service netif restart
Line 71: Line 71:
  
 <code> <code>
-sysrc hostname=VM2 +sysrc hostname=VM2 \ 
-sysrc ifconfig_vtnet1="inet 2.2.2.2/24" + ifconfig_vtnet1="inet 2.2.2.2/24" \ 
-sysrc ifconfig_vtnet0_ipv6="inet6 2001:db8:12::2 prefixlen 64"+ ifconfig_vtnet0_ipv6="inet6 2001:db8:12::2 prefixlen 64"
 service hostname restart service hostname restart
 service netif restart service netif restart
Line 85: Line 85:
  
 <code> <code>
-sysrc hostname=VM3 +sysrc hostname=VM3 \ 
-sysrc gateway_enable=NO + gateway_enable=NO \ 
-sysrc ipv6_gateway_enable=NO + ipv6_gateway_enable=NO \ 
-sysrc ifconfig_vtnet1="inet 2.2.2.3/24" + ifconfig_vtnet1="inet 2.2.2.3/24" \ 
-sysrc defaultrouter="2.2.2.2"+ defaultrouter="2.2.2.2"
 service hostname restart service hostname restart
 service netif restart service netif restart
Line 103: Line 103:
  
 <code> <code>
-sysrc tayga_enable=yes+service tayga enable
 sed -i "" 's/192.168.255./2.2.1./g' /usr/local/etc/tayga.conf sed -i "" 's/192.168.255./2.2.1./g' /usr/local/etc/tayga.conf
 sed -i "" 's/2001:db8:1:ffff::/64:ff9b::/g' /usr/local/etc/tayga.conf sed -i "" 's/2001:db8:1:ffff::/64:ff9b::/g' /usr/local/etc/tayga.conf
Line 131: Line 131:
 </code> </code>
 ==== Testing ==== ==== Testing ====
 +
 +From VM4, start a tcpdump to check IPv4 source address seen by VM3:
 +
 +<code>
 +[root@VM3]~# tcpdump -c 2 -pni vtnet1
 +tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
 +listening on vtnet1, link-type EN10MB (Ethernet), capture size 262144 bytes
 +...
 +</code>
  
 From VM1 (IPv6 only host), ping NAT64 IPv6 address corresponding to VM3 IPv4 address: From VM1 (IPv6 only host), ping NAT64 IPv6 address corresponding to VM3 IPv4 address:
Line 146: Line 155:
 </code> </code>
  
-And check IPv4 source address seen by VM3: +From VM3, check source IP addresses of ICMP:
 <code> <code>
-[root@VM3]~# tcpdump -c 2 -pni vtnet1 +...
-tcpdump: verbose output suppressed, use -v or -vv for full protocol decode +
-listening on vtnet1, link-type EN10MB (Ethernet), capture size 262144 bytes+
 17:43:03.094975 IP 2.2.1.249 > 2.2.2.3: ICMP echo request, id 6575, seq 0, length 16 17:43:03.094975 IP 2.2.1.249 > 2.2.2.3: ICMP echo request, id 6575, seq 0, length 16
 17:43:03.094983 IP 2.2.2.3 > 2.2.1.249: ICMP echo reply, id 6575, seq 0, length 16 17:43:03.094983 IP 2.2.2.3 > 2.2.1.249: ICMP echo reply, id 6575, seq 0, length 16
Line 158: Line 164:
 0 packets dropped by kernel 0 packets dropped by kernel
 </code> </code>
- 
 ===== IPFW NAT64 (kernel space) ===== ===== IPFW NAT64 (kernel space) =====
  
Line 170: Line 175:
  
 <code> <code>
-sysrc firewall_enable=YES+service ipfw enable
 sysrc firewall_script="/etc/ipfw.rules" sysrc firewall_script="/etc/ipfw.rules"
 echo "# Temporary fix to avoid panicing a 12-stable:" >> /etc/sysctl.conf echo "# Temporary fix to avoid panicing a 12-stable:" >> /etc/sysctl.conf
Line 224: Line 229:
  
 <code> <code>
-sysrc firewall_enable=YES+service ipfw enable
 sysrc firewall_script="/etc/ipfw.rules" sysrc firewall_script="/etc/ipfw.rules"
  
Line 263: Line 268:
 From IPv4 only host, ping NAT64 IPv4 address corresponding to VM3 IPv6 address: From IPv4 only host, ping NAT64 IPv4 address corresponding to VM3 IPv6 address:
 <code> <code>
-[root@v4TST64]~# ping -c 3 2.2.1.1+[root@VM3]~# ping -c 3 2.2.1.1
 PING 2.2.1.1 (2.2.1.1): 56 data bytes PING 2.2.1.1 (2.2.1.1): 56 data bytes
 64 bytes from 2.2.1.1: icmp_seq=0 ttl=63 time=17.147 ms 64 bytes from 2.2.1.1: icmp_seq=0 ttl=63 time=17.147 ms
Line 274: Line 279:
 </code> </code>
  
-And check on VM3+And check on the NAT router VM2 some stats:
  
 <code> <code>
-[root@rTST64]~# ipfw nat64stl NAT64 stats+[root@VM2]~# ipfw nat64stl NAT64 stats
 nat64stl NAT64 nat64stl NAT64
         6 packets translated from IPv6 to IPv4         6 packets translated from IPv6 to IPv4
documentation/examples/nat64.1559838694.txt.gz · Last modified: 2019/06/06 18:31 by fabien

Except where otherwise noted, content on this wiki is licensed under the following license: BSD 2-Clause
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki