FreeBSD NAT64 w/ Tayga

Can you share a URL Link to this Tayga or /64 Tayga. Could not find enough information about it, when preforming a google search. You have any error messages to share?
NAT64 Tayga setup
https://www.reddit.com/r/opnsense/comments/uuthtj/tayga_help/ This info here should help you. Only 23 days old. Talks about IPV6 only network. Tayga wanting only static IPv6 address. Mentioned Jool. You comment there and back here when you have a running solution

Just to update, I got NAT64+DNS64 working on a VPS running FreeBSD.
NAT64 = Tayga(had to compile from source)
DNS64= Unbound
Had to adjust MSS to 1440 via PF firewall else certain IPv4 sites won't load.

OpenSense Documents https://docs.opnsense.org/manual/how-tos/tayga.html

Tayga Configuration PNG file enable Unbound DNS https://i.imgur.com/cmRXhsg.png

Switched my home network to ipv6

https://www.researchgate.net/projec...rity-Analysis-of-IPv6-Transition-Technologies IPv6 Transition Technologies, Papers DNS64 Tayga64
 
Yeah I posted a working config but that was using a /48 and Tayga had it's own /64 split from it.

I tried with a single /64 but that doesn't seem to work. So wondering if anyone has gotten it to work with a single /64 subnet or it will only work if Tayga has it's own /64.
 
Look at Bottom of Blog for Tayga Entry about IPV6 ping not being returned

Here is direct Link Gawen Blog post 1322 Tayga ping IP4 address from IP6 Tayga host
In my case I use Tayga NAT64 router along with Unbound DNS64 module. There are several posts out there that explain how to configure these two and this is not my intent here. Instead I want to focus on a problem that I had using Tayga’s NAT64 locally. That is trying to ping a non-IPv6 domain from the host that is running Tayga:

$ ping6 ipv4.google.com


This command worked fine from outside the host running Tayga (for packets routed through the NAT64 router), but didn’t work at all when issued on the host running Tayga.

Suppose we have:

  • Internet routed prefix: 2001:db8:1::/64
  • NAT64 IPv6 prefix: 2001:db8:64::/96
  • NAT64 IPv6 address: 2001:db8:1::64
  • NAT64 IPv4 address: 192.168.1.64
Then the nat64 interface will have the 2001:db8:1::64 IPv6 address. Just add another IPv6 address to this interface with:

ifconfig nat64 inet6 add 2001:db8:1::46 netmask 128

Tadaaa! Now when you try to reach a NAT64 address locally, the address you just added to nat64 will be used instead as the source address. Since this is not Tayga’s own IPv6 address, it will dutifully map the NAT64 using its IPv4 address pool and translate the reply back to the new IPv6 address. In other words NAT64 addresses now work on the host running the NAT64 router.

I came across this Gawen Blog, looking at aarch64 stuff and at the bottom found the above data. If these works for you, maybe you can improve the Tayga documents or post the working solution in their forums to help the next guy.
 
wb7odyfred said:
Just to update, I got NAT64+DNS64 working on a VPS running FreeBSD.
NAT64 = Tayga(had to compile from source)
DNS64= Unbound
Had to adjust MSS to 1440 via PF firewall else certain IPv4 sites won't load.
Click to expand...

That was something I wrote. Are you impersonating by using other people's post or are you replying by quoting from some other post on this forum or from an external blog post ?
 
Anyway, I should rephrase my initial question. If you have a VPS that only gives you a single /64, will Tayga work ?

Secondly, I already have a working Tayga setup with a routed /48 and allocated a single /64 to Tayga.
 
Yes, I copied someone elses post about that issue by "replying by quoting". (seems that you wrote that information, okay, my bad.)
Yes, I have not answered your question about a "VPS that only gives you a single /64, will Tayga work?

I have google-fu searched to find a solution, and not come up with anything. Gawen's blog post 1322, I thought hinted at a solution for translating IPv6 to IPv4 addresses. Admit, that I don't understand enough to offer a good solution.

https://forums.he.net/index.php?topic=2500.0 Hurricane Electric Forum showing Tayga /64 setup, may be of interest to you.
ycombinator new item 65 days old talking about IPv6 adoption problems

I tweeted here to subnetspider
https://twitter.com/i/web/status/1624454774061170688
View: https://twitter.com/finster_fred/status/1624454774061170688
He may answer you question, Mumu.
https://www.sciencedirect.com/science/article/pii/S0140366419311569 Found this paper with a Tayga setup at the bottom of the paper. Yes, it is testing. I thought it may also give a hint to answer your question.

Performance analysis of SIIT implementations: Testing and improving the methodology​

 
wb7odyfred said:
Yes, I copied someone elses post about that issue by "replying by quoting". (seems that you wrote that information, okay, my bad.)
Yes, I have not answered your question about a "VPS that only gives you a single /64, will Tayga work?

I have google-fu searched to find a solution, and not come up with anything. Gawen's blog post 1322, I thought hinted at a solution for translating IPv6 to IPv4 addresses. Admit, that I don't understand enough to offer a good solution.

https://forums.he.net/index.php?topic=2500.0 Hurricane Electric Forum showing Tayga /64 setup, may be of interest to you.
ycombinator new item 65 days old talking about IPv6 adoption problems

I tweeted here to subnetspider
https://twitter.com/i/web/status/1624454774061170688
View: https://twitter.com/finster_fred/status/1624454774061170688
He may answer you question, Mumu.
https://www.sciencedirect.com/science/article/pii/S0140366419311569 Found this paper with a Tayga setup at the bottom of the paper. Yes, it is testing. I thought it may also give a hint to answer your question.

Performance analysis of SIIT implementations: Testing and improving the methodology​

Click to expand...
No worries and thanks for doing the searches. Will try it out and give feedback when it's working.
 
wb7odyfred said:
https://forums.he.net/index.php?topic=2500.0 Hurricane Electric Forum showing Tayga /64 setup, may be of interest to you.
Click to expand...

Just tried this and it doesn't work with a single /64. Some details:-

2001:db8:1111:2222::1/64 ( allocated by Provider/ISP )

2001:db8:1111:2222:aaaa::1/80 ( static route to dev tun0 ) <-- Tayga

2001:db8:1111:2222:eeee::/96 ( static route to dev tun0 ) <-- Tayga

With this in place, ping6 from the remote machine to 2001:db8:1111:2222:eeee::8.8.8.8 results in destination host unreachable.

However, if the assigned prefix from ISP is /48 and Tayga has it's own /64, pinging from a remote machine works as intended.
 
https://www.reddit.com/r/opnsense/comments/uuthtj/tayga_help/ OPNSENSE help with tayga setup. Look near the end.
https://forum.opnsense.org/index.php?action=profile;area=showposts;sa=messages;u=29250 Some other useful help

https://forums.he.net/index.php?topic=2500.0 Old 2012 Hurricane Electric user post with Tayga setup

https://forums.he.net/index.php?topic=3577.0 2016 Hurricane Electric Post with help pinging /64 IPv6 address

https://www.arnavion.dev/blog/2020-04-18-i-switched-my-home-network-to-ipv6/ Has extensive Detail setup
 
Got this from a twitter post that subnetspider answered me back. Great, this reply is helpful to you, MuMu.


subnetspider

@subnetspider
·
Feb 11

Replying to
@finster_fred
You can use either the 64:ff9b::/96 or your GUA prefix for NAT64, and for your clients you can use the fd00::/8 or your GUA prefix (although I've heard using a ULA prefix can conflict with clients using 464XLAT). I've only tried Tayga with OPNsense, so your experience may vary.
 
You must log in or register to reply here.
Back
Top