From owner-freebsd-hackers@FreeBSD.ORG Sat Mar 12 09:48:16 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1746D16A4CE for ; Sat, 12 Mar 2005 09:48:16 +0000 (GMT) Received: from cheer.mahoroba.org (gw4.mahoroba.org [218.45.22.175]) by mx1.FreeBSD.org (Postfix) with ESMTP id A96AC43D48 for ; Sat, 12 Mar 2005 09:48:14 +0000 (GMT) (envelope-from ume@mahoroba.org) Received: from lyrics.mahoroba.org (ume@lyrics.mahoroba.org [IPv6:3ffe:501:185b:8010:280:88ff:fe03:4841]) (user=ume mech=CRAM-MD5 bits=0)j2C9m502056926 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 12 Mar 2005 18:48:05 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Sat, 12 Mar 2005 18:48:04 +0900 Message-ID: From: Hajimu UMEMOTO To: Nick Sayer In-Reply-To: <831b85e9533de2bb477712153a9eb99a@kfu.com> References: <4232198F.5030705@kfu.com> <42323A0D.8060501@kfu.com> <831b85e9533de2bb477712153a9eb99a@kfu.com> User-Agent: xcite1.38> Wanderlust/2.13.3 (You Oughta Know) SEMI/1.14.6 (Maruoka) FLIM/1.14.7 (=?ISO-8859-4?Q?Sanj=F2?=) APEL/10.6 Emacs/22.0.50 (i386-unknown-freebsd5.4) MULE/5.0 (SAKAKI) X-Operating-System: FreeBSD 5.4-PRERELEASE MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender succeded SMTP AUTH authentication, not delayed by milter-greylist-2.0b2 (cheer.mahoroba.org [IPv6:3ffe:501:185b:8010::1]); Sat, 12 Mar 2005 18:48:05 +0900 (JST) X-Virus-Scanned: by amavisd-new X-Virus-Status: Clean X-Spam-Status: No, score=-5.7 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on cheer.mahoroba.org cc: freebsd-hackers@freebsd.org Subject: Re: 6to4, stf and shoebox NAT routers X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Mar 2005 09:48:16 -0000 Hi, >>>>> On Fri, 11 Mar 2005 23:24:52 -0800 >>>>> Nick Sayer said: nsayer> Well, I'm screwed. nsayer> I set up the Linksys router so that the FreeBSD machine is the "DMZ" nsayer> host on the inside. Sending 6to4 to the router's outside address nsayer> results in tcpdump showing these on the inside: nsayer> 22:09:36.138924 [linksys mac address] > ff:ff:ff:ff:ff:ff, ethertype nsayer> ARP (0x0806), length 60: arp who-has [linksys outside ip] tell [linksys nsayer> inside ip] nsayer> Which, quite frankly, is laughable. If that weren't enough, the packets nsayer> come out of the linksys router with the source IP address being from nsayer> the inside (meaning, it didn't get NATted). Humph. nsayer> So it appears that for now, I will have to keep a 2nd interface active nsayer> on this box solely for the purpose of doing IPv6. What a nightmare. It seems your Linksys box simply forward packets without translating destination address to your 6to4 box. I don't know actually what DMZ concept of Linksys is. However, you may need some additional setting into your Linksys box. Or, when you just set global addres of your Linksys box to your 6to4 box, you may be able to use 6to4 without my patch. Sincerely, -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/