Date: Fri, 03 Aug 2007 10:08:48 +0200 From: Lapo Luchini <lapo@lapo.it> To: freebsd-hackers@freebsd.org Subject: Re: 6to4, stf and shoebox NAT routers Message-ID: <f8unqh$ebk$1@sea.gmane.org> In-Reply-To: <yge3bv16a9e.wl%ume@mahoroba.org> References: <4232198F.5030705@kfu.com> <yge3bv16a9e.wl%ume@mahoroba.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hajimu UMEMOTO wrote: > I posted my proposed patch to current@ for review in the past. But, > no one responded. Could you test this? This is for 6-CURRENT at Feb 1. > If it doesn't apply cleanly, please let me know. It applied cleanly to 6.2-STABLE and seems to work perfectly... outbound at least. I have a box at home called cyberx which has static IPv4 but is NATted (and is thus using your patch). The other test box is a server called motoko which has static IPv4 assigned to one of his interfaces directly (no patches here). The wl500g router correctly forwards the protocol 41 packets to cyberx. Pinging from cyberx to motoko (and using tcpdump on both) I can see that: a. cyberx if producing correct IPv4 packets that are from his local NATted address to the real motoko address, but containing a IPv6 packet that contains the '2002:'-encoding of both real IPv4 addresses b. motoko is receiving the echo request correctly c. motoko is sending the echo reply correctly d. cyberx is receiving the echo reply encapsulated in IPv4 packets correctly e. cyberx's stf0 interface IS NOT RECEIVING his IPv6 echo reply f. the 'ping' command thinks that all packets are lost Does you patch address incoming packets too? Can I do some ipfw magic to convince stf to receive also incoming packets with a mismatched IPv4-IPv6 address? Lapo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f8unqh$ebk$1>