From owner-freebsd-net@FreeBSD.ORG Sun Jul 10 07:38:42 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7DF72106564A for ; Sun, 10 Jul 2011 07:38:42 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25]) by mx1.freebsd.org (Postfix) with ESMTP id 0F1D58FC0C for ; Sun, 10 Jul 2011 07:38:41 +0000 (UTC) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id D7F7825D37C3; Sun, 10 Jul 2011 07:38:40 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id D6B6A15A8C16; Sun, 10 Jul 2011 07:38:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id HhYRU5vE1Hms; Sun, 10 Jul 2011 07:38:37 +0000 (UTC) Received: from orange-en1.sbone.de (orange-en1.sbone.de [IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id 7251815A8BEB; Sun, 10 Jul 2011 07:38:37 +0000 (UTC) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=iso-8859-1 From: "Bjoern A. Zeeb" In-Reply-To: <201107100513.47337.remy.sanchez@hyperthese.net> Date: Sun, 10 Jul 2011 07:38:36 +0000 Content-Transfer-Encoding: quoted-printable Message-Id: <6ED7645C-6E24-41BB-B5AC-9858D5E94B10@lists.zabbadoz.net> References: <201107100513.47337.remy.sanchez@hyperthese.net> To: =?iso-8859-1?Q?R=E9my_Sanchez?= X-Mailer: Apple Mail (2.1084) Cc: freebsd-net@freebsd.org Subject: Re: RFC 6296 (NPT v6) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Jul 2011 07:38:42 -0000 On Jul 10, 2011, at 3:13 AM, R=E9my Sanchez wrote: > I was wondering if they were anyone currently implementing NPTv6 for = FreeBSD ? >=20 > If nobody is, since I need this feature and that the RFC is quite = simple, I=20 > think I'll implement it (or run out of time trying to). However, it = looks like=20 > you can't divert IPv6, and then I don't know what would be the best = option to=20 > implement it: using netgraph might be a "cleaner" way to do it, = however=20 > hacking directly into ipfw might be more direct. >=20 > What do you think ? pf allows you do do prefix rewriting with binat at least, like: binat on $extif inet6 from $my_v6_ula_48 to ! = -> $my_v6_external_48 --=20 Bjoern A. Zeeb You have to have visions! Stop bit received. Insert coin for new address family.