Date: Wed, 9 May 2018 12:25:24 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r333406 - head/sbin/ipfw Message-ID: <201805091225.w49CPOro021699@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Wed May 9 12:25:23 2018 New Revision: 333406 URL: https://svnweb.freebsd.org/changeset/base/333406 Log: Update NAT64 documentation, now we support any IPv6 prefixes. MFC after: 1 month Modified: head/sbin/ipfw/ipfw.8 Modified: head/sbin/ipfw/ipfw.8 ============================================================================== --- head/sbin/ipfw/ipfw.8 Wed May 9 12:09:08 2018 (r333405) +++ head/sbin/ipfw/ipfw.8 Wed May 9 12:25:23 2018 (r333406) @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 19, 2018 +.Dd May 9, 2018 .Dt IPFW 8 .Os .Sh NAME @@ -3048,13 +3048,6 @@ After translation NAT64 translator sends packets throu queue. Thus translator host should be configured as IPv4 and IPv6 router. .Pp -Currently both stateful and stateless NAT64 translators use Well-Known IPv6 -Prefix -.Ar 64:ff9b::/96 -to represent IPv4 addresses in the IPv6 address. -Thus DNS64 service and routing should be configured to use Well-Known IPv6 -Prefix. -.Pp The stateful NAT64 configuration command is the following: .Bd -ragged -offset indent .Bk -words @@ -3067,7 +3060,7 @@ The stateful NAT64 configuration command is the follow .Pp The following parameters can be configured: .Bl -tag -width indent -.It Cm prefix4 Ar ipv4_prefix/mask +.It Cm prefix4 Ar ipv4_prefix/plen The IPv4 prefix with mask defines the pool of IPv4 addresses used as source address after translation. Stateful NAT64 module translates IPv6 source address of client to one @@ -3075,6 +3068,12 @@ IPv4 address from this pool. Note that incoming IPv4 packets that don't have corresponding state entry in the states table will be dropped by translator. Make sure that translation rules handle packets, destined to configured prefix. +.It Cm prefix6 Ar ipv6_prefix/length +The IPv6 prefix defines IPv4-embedded IPv6 addresses used by translator +to represent IPv4 addresses. This IPv6 prefix should be configured in DNS64. +The translator implementation follows RFC6052, that restricts the length of +prefixes to one of following: 32, 40, 48, 56, 64, or 96. +The Well-Known IPv6 Prefix 64:ff9b:: must be 96 bits long. .It Cm max_ports Ar number Maximum number of ports reserved for upper level protocols to one IPv6 client. All reserved ports are divided into chunks between supported protocols. @@ -3174,6 +3173,9 @@ The stateless NAT64 configuration command is the follo .Pp The following parameters can be configured: .Bl -tag -width indent +.It Cm prefix6 Ar ipv6_prefix/length +The IPv6 prefix defines IPv4-embedded IPv6 addresses used by translator +to represent IPv4 addresses. This IPv6 prefix should be configured in DNS64. .It Cm table4 Ar table46 The lookup table .Ar table46
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201805091225.w49CPOro021699>