'Upgrading' NAT64 to 464XLAT?
Simon Perreault
simon.perreault at viagenie.ca
Tue Nov 26 15:11:38 CET 2013
Le 2013-11-25 08:20, Dick Visser a écrit :
> I'd like to 'upgrade' out existing NAT64/DNS64 setup to do 464XLAT, but
> there aren't many docs about how to set 464XLAT to begin with.
FYI, our OpenBSD implementation of NAT64 also does NAT46. It's been part
of regular OpenBSD releases since 5.1. But I haven't been able to make
it do NAT46 on the local host: it only works on a separate gateway
because the translation is done on packet input, and locally-generated
packets are not evaluated against input rules, only output. Maybe with a
clever arrangement of bridge/tunnel/loopback interfaces one could manage it.
Anyway, it should be as simple as:
NAT46:
pass in inet af-to inet6 from ($wan_if) to 64:ff9b::/96
NAT64:
pass in inet6 to 64::ff9b::/96 af-to inet from ($wan_if)
That effectively gives you 464XLAT with the CLAT sitting on the IPv4
LAN's gateway.
I haven't tried our Linux implementation, but just from looking at the
code it seems like it should work even on the local host.
If anyone wants to investigate any of this, let me know!
Simon
--
DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server --> http://numb.viagenie.ca
More information about the ipv6-ops
mailing list