From: Lapo Luchini
To: freebsd-hackers@freebsd.org
Date: Fri, 03 Aug 2007 10:08:48 +0200
Subject: Re: 6to4, stf and shoebox NAT routers

Hajimu UMEMOTO wrote:
> I posted my proposed patch to current@ for review in the past. But,
> no one responded. Could you test this? This is for 6-CURRENT at Feb 1.
> If it doesn't apply cleanly, please let me know.

It applied cleanly to 6.2-STABLE and seems to work perfectly... outbound at least.

I have a box at home called cyberx which has static IPv4 but is NATted (and is thus using your patch). The other test box is a server called motoko which has static IPv4 assigned to one of his interfaces directly (no patches here). The wl500g router correctly forwards the protocol 41 packets to cyberx.

Pinging from cyberx to motoko (and using tcpdump on both) I can see that:

a. cyberx is producing correct IPv4 packets that are from his local NATted address to the real motoko address, but containing an IPv6 packet that contains the '2002:'-encoding of both real IPv4 addresses
b. motoko is receiving the echo request correctly
c. motoko is sending the echo reply correctly
d. cyberx is receiving the echo reply encapsulated in IPv4 packets correctly
e. cyberx's stf0 interface IS NOT RECEIVING his IPv6 echo reply
f. the 'ping' command thinks that all packets are lost

Does your patch address incoming packets too? Can I do some ipfw magic to convince stf to receive also incoming packets with a mismatched IPv4-IPv6 address?

Lapo
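
Added illustration, not part of the message above, the FreeBSD stf code or the patch under discussion: a Python model of the address mismatch asked about in points d and e. It assumes a receiver that accepts an encapsulated packet only when the outer IPv4 destination equals the IPv4 address embedded in the inner 2002: destination (RFC 3056 address format); all addresses are constructed documentation-range values and the function names are hypothetical.

```python
import ipaddress

def sixtofour_prefix(public_v4: str) -> ipaddress.IPv6Network:
    """2002:V4ADDR::/48 prefix derived from an IPv4 address (RFC 3056)."""
    v4 = int(ipaddress.IPv4Address(public_v4))
    return ipaddress.IPv6Network(((0x2002 << 112) | (v4 << 80), 48))

def embedded_v4(inner_v6: str):
    """IPv4 address embedded in a 2002::/16 address, or None if not 6to4."""
    return ipaddress.IPv6Address(inner_v6).sixtofour

def check_inbound(outer_dst_v4: str, inner_dst_v6: str) -> str:
    """Assumed strict receiver: outer IPv4 dst must equal the embedded V4ADDR."""
    emb = embedded_v4(inner_dst_v6)
    if emb is None:
        return "not-6to4"
    if emb == ipaddress.IPv4Address(outer_dst_v4):
        return "accept"
    return "mismatch"

# Constructed addresses (documentation ranges), not taken from the message.
NAT_PUBLIC = "203.0.113.10"    # router's public IPv4, used for cyberx's 2002: prefix
NAT_PRIVATE = "192.168.1.2"    # cyberx's address behind the router
DIRECT_HOST = "198.51.100.7"   # motoko's directly assigned IPv4

def scenario() -> dict:
    natted_v6 = str(sixtofour_prefix(NAT_PUBLIC)[1])
    direct_v6 = str(sixtofour_prefix(DIRECT_HOST)[1])
    return {
        # Echo request arriving at motoko: outer dst is its own public IPv4.
        "request_at_direct_host": check_inbound(DIRECT_HOST, direct_v6),
        # Echo reply arriving at cyberx: the router rewrote the outer dst to the
        # private address, but the inner dst still encodes the public one.
        "reply_at_natted_host": check_inbound(NAT_PRIVATE, natted_v6),
        # Same reply as seen on the router's outside interface, before NAT.
        "reply_before_nat": check_inbound(NAT_PUBLIC, natted_v6),
    }

if __name__ == "__main__":
    for name, verdict in scenario().items():
        print(f"{name}: {verdict}")
```

Comparing the outer destination seen in tcpdump on the NATted host with the value `embedded_v4` returns for the inner destination shows whether this mismatch is the one in play.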