Date: Fri, 13 Jul 2012 00:33:21 +0900 From: "HIROSHI OOTA" <nil@mad.dog.cx> To: freebsd-current@freebsd.org Subject: [CFT] ng_nptv6 (IPv6-to-IPv6 Network Prefix Translation) Message-ID: <op.whcatvc4b34bpo@lenovo-b0c22c0d>
next in thread | raw e-mail | index | archive | help
Hi, all
I have created a netgraph node which performs a IPv6-to-IPv6 Network
Prefix Translation(RFC6296).
It works with ipfw(ng_ipfw). a sample configuration is follows.
1 setup netgraph
ngctl mkpeer ipfw: nptv6 1000 inbound
ngctl name ipfw:1000 nptv6
ngctl connect ipfw: nptv6: 2000 outbound
ngctl msg nptv6: setconfig { inner=fd00:1234:1234::/48
outer=2001:db8::/32 }
or use rcng script(ng_nptv6.sh) which is included in archive.
2 setup ipfw
# inbound
ipfw 1000 allow ip6 from any to 2001:db8::/64 in
ipfw 1010 netgraph 1000 ip6 from any to 2001:db8::/32 in
ipfw 1090 allow ip6 from any to any in
# outbound
ipfw 2000 allow ip6 from 2001:db8::/64 to any out
ipfw 2010 netgraph 2000 ip6 from 2001:db8::/32 to any out
ipfw 2090 allow ip6 from any to any in
You can download from
http://hp.vector.co.jp/authors/VA052357/ng_nptv6-0.0.tar.xz
Comments and tests results are welcome!
--
HIROSHI OOTA
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.whcatvc4b34bpo>