Date: Sun, 15 Dec 2019 13:44:04 +0300 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: "John W. O'Brien" <john@saltant.com>, FreeBSD Networking <freebsd-net@freebsd.org> Subject: Re: NAT64 return traffic vanishes after successful de-alias Message-ID: <52463470-973e-aa5f-73f5-dd9ba39edf79@yandex.ru> In-Reply-To: <9f3ee846-1357-0b73-cc0f-e001ea74b15c@saltant.com> References: <9f3ee846-1357-0b73-cc0f-e001ea74b15c@saltant.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --tTIAUWYK7MpBr2IY9LJbgeylmbfFE50kq Content-Type: multipart/mixed; boundary="lEm04Vdv3ByYslfGqv7gTEtUbBadc1Fqq"; protected-headers="v1" From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: "John W. O'Brien" <john@saltant.com>, FreeBSD Networking <freebsd-net@freebsd.org> Message-ID: <52463470-973e-aa5f-73f5-dd9ba39edf79@yandex.ru> Subject: Re: NAT64 return traffic vanishes after successful de-alias References: <9f3ee846-1357-0b73-cc0f-e001ea74b15c@saltant.com> In-Reply-To: <9f3ee846-1357-0b73-cc0f-e001ea74b15c@saltant.com> --lEm04Vdv3ByYslfGqv7gTEtUbBadc1Fqq Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 14.12.2019 22:54, John W. O'Brien wrote: > Hello FreeBSD Networking, >=20 > As the subject summarizes, I have a mostly-working NAT64 rig, but retur= n > traffic is disappearing, and I haven't been able to figure out why. I > observe the post-translation (4-to-6) packets via ipfwlog0, but a simpl= e > ipfw counter rule ipfw matches nothing. I suspect you have disabled IPv6 on the interface, where IPv4 address is configured. Check that IFDISABLED flag is not set on the IPv4 side interface. When NAT64 does translation, by default it reschedules a packet again on the same interface, but from another address family, so if you have disabled IPv6, a packet will be just dropped by ip6_input. You can enable IPv6 by the following command: # ifconfig igb0 inet6 -ifdisabled --=20 WBR, Andrey V. Elsukov --lEm04Vdv3ByYslfGqv7gTEtUbBadc1Fqq-- --tTIAUWYK7MpBr2IY9LJbgeylmbfFE50kq Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAl32DnQACgkQAcXqBBDI oXo3fAf/VZqlnFUvNBBEZ9DHY6Na0jabyMwUlqQrtz4Ax0hNdzWx4kL6U1LsM7r5 Y/IJXZkSJZcsOTj6mGbJ6asv9NVcAxRRh0xcA0nLpQx77a4QxA5cqBEOEZQJJkT3 5GqFYOIDGnQKf3i/fI9CB8STbVnuGzG5N8N9ekYBJgxAuJ8W/3/wyyYuKJfaiyt2 QQtB7ZvXmqAHmqCCAl0YLCkuZX17aP7EgPA70D4ddKL+Nfy5P4RUP02jmqNiYXtp hfv+8xc6nVHl7hj9PH6fUB9cyTDpW1+vS5/guFhttWqtqOfZntKPJL1glkVlfFWR eU5dWwv9vCGDwEzEyzdlMrmDdFe7dA== =Pzbk -----END PGP SIGNATURE----- --tTIAUWYK7MpBr2IY9LJbgeylmbfFE50kq--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52463470-973e-aa5f-73f5-dd9ba39edf79>