Hello,
I'm tying to build a gateway between a full ipv6 network to a ipv4 network. I choose to test at first ipfw (i will test taiga next).
My lab is based on BSDRP (1.92) systems inspired by "https://bsdrp.net/documentation/examples/nat64#r21". It is not exactly the same but the idea stay.
Unless I do not success...
I have a workstation in IPv6 connected to an IPv6 interface on a router and a workstation IPv4 connected to the ipv4 interface on the same router.
The pings work to the router from the workstations but not the 6 to 4 NAT between workstations.
When I look at the ipfw0 interface, I do not see any packet but the ipfw counter is incremented. I see the input traffic on the interface but nothing on the output.
This is my ipfw rules file :
this is the rules counters :
and on the statistics :
I do not know why the packets are discarded and what is the error.
Somebody have an idea what I missed ? How can I check what happened in ipfw ?
Regards,
I'm tying to build a gateway between a full ipv6 network to a ipv4 network. I choose to test at first ipfw (i will test taiga next).
My lab is based on BSDRP (1.92) systems inspired by "https://bsdrp.net/documentation/examples/nat64#r21". It is not exactly the same but the idea stay.
Unless I do not success...
I have a workstation in IPv6 connected to an IPv6 interface on a router and a workstation IPv4 connected to the ipv4 interface on the same router.
The pings work to the router from the workstations but not the 6 to 4 NAT between workstations.
When I look at the ipfw0 interface, I do not see any packet but the ipfw counter is incremented. I see the input traffic on the interface but nothing on the output.
This is my ipfw rules file :
Code:
#!/bin/sh
fwcmd="/sbin/ipfw"
kldstat -q -m ipfw_nat64 || kldload ipfw_nat64
${fwcmd} -f flush
${fwcmd} nat64lsn NAT64 create prefix4 10.0.148.64/26
${fwcmd} add allow log icmp6 from any to any icmp6types 135,136
${fwcmd} add nat64lsn NAT64 ip from 2001:db8:12::/64 to 64:ff9b::/96 in
${fwcmd} add nat64lsn NAT64 ip from any to 10.0.148.64/26 in
${fwcmd} add allow log ip from any to any
this is the rules counters :
Code:
[root@rTST64]~# ipfw -a list
00100 120 8168 allow log ipv6-icmp from any to any icmp6types 135,136
00200 1009 56504 nat64lsn NAT64 ip from 2001:db8:12::/64 to 64:ff9b::/96 in
00300 0 0 nat64lsn NAT64 ip from any to 10.0.148.64/26 in
00400 109 12216 allow log ip from any to any
65535 0 0 deny ip from any to any
and on the statistics :
Code:
[root@rTST64]~# ipfw nat64lsn NAT64 stats
nat64lsn NAT64
0 packets translated from IPv6 to IPv4
0 packets translated from IPv4 to IPv6
0 IPv6 fragments created
0 IPv4 fragments received
0 output packets dropped due to no bufs, etc.
0 output packets discarded due to no IPv4 route
0 output packets discarded due to no IPv6 route
0 packets discarded due to unsupported protocol
0 packets discarded due to memory allocation problems
1009 packets discarded due to some errors
0 packets not matched with IPv4 prefix
1 mbufs queued for post processing
2 times the job queue was processed
2 job requests queued
0 job requests queue limit reached
0 job requests failed due to memory allocation problems
1 hosts allocated
1 hosts requested
0 host requests failed
0 portgroups requested
1 portgroups allocated
2 portgroups deleted
0 portgroup requests failed
0 portgroups allocated for TCP
0 portgroups allocated for UDP
0 portgroups allocated for ICMP
0 states created
0 states deleted
I do not know why the packets are discarded and what is the error.
Somebody have an idea what I missed ? How can I check what happened in ipfw ?
Regards,