2.8 KiB
2.8 KiB
Inspiration / Further Reading
- http://jool.mx/en/464xlat.html
- https://tools.ietf.org/html/draft-ietf-behave-nat64-discovery-heuristic-17
- https://sites.google.com/site/tmoipv6/464xlat
- http://jool.mx/en/install.html
- https://github.com/NICMx/Jool/
- https://hveem.no/using-dnsmasq-for-dhcpv6
- https://github.com/toreanderson/clatd
- http://jool.mx/en/run-vanilla.html#sample-network
- http://jool.mx/en/eamt.html
- http://jool.mx/en/run-eam.html
- https://partiallydisassembled.wordpress.com/2017/04/14/pi-nat64/
Install Jool
# If using raspbian be sure linux-headers package(s)
apt install build-essential pkg-config libnl-genl-3-dev libxtables-dev dkms git autoconf tar
git clone https://github.com/NICMx/Jool.git /scratch/jool
cd /scratch/jool
git checkout `git tag | sort -r | head -n1`
dkms install ./
./autogen.sh
./configure
cd src/usr
make
make install
Figure out NAT64 endpoints via RFC7050
See quectel_ec25.md
for details
Figure out address mapping setup
Look at your ipv6 address, pray for a /64 and do some mappings...
2607:fb90:88bd:95b9:999e:f533:32e4:71fa/64
-> 2607:fb90:88bd:95b9::
-> 2607:fb90:88bd:95b9::172.17.17.17/120
Setup jool routing for ipv4 <> ipv6
sysctl -w net.ipv4.conf.all.forwarding=1
sysctl -w net.ipv6.conf.all.forwarding=1
modprobe jool_siit
jool_siit instance add "lollipop" --iptables --pool6 2607:7700:0:26::/96 # pool6 is NAT64 endpoints via RFC7050
jool_siit instance display
jool_siit -i "lollipop" eamt add "2607:fb90:88bd:95b9::172.17.17.0/120" "172.17.17.0/24" # ipv6 address map <> ipv4 lan
jool_siit -i "lollipop" eamt display
jool_siit -i "lollipop" stats display --all | less
ip6tables -t mangle -A PREROUTING \
-s 2607:fb90:88bd:95b9::172.17.17.0/120 \
-j JOOL_SIIT --instance "lollipop"
iptables -t mangle -A PREROUTING \
-s 172.17.17.0/24 \
-j JOOL_SIIT --instance "lollipop"
ip6tables -I OUTPUT -d 2607:7700:0:26::/96 -j ACCEPT
The iptables commands above were adapted from this block of the jool.mx docs
user@T:~# ip6tables -t mangle -A PREROUTING \
> -s 2001:db8::198.51.100.8/125 -d 2001:db8::192.0.2.0/120 \
> -j JOOL_SIIT --instance "example"
user@T:~# iptables -t mangle -A PREROUTING \
> -s 192.0.2.0/24 -d 198.51.100.8/29 \
> -j JOOL_SIIT --instance "example"