[homenet] stupid babel tricks: routing ipv6 while keeping nat
Dave Taht <dave.taht@gmail.com> Fri, 03 April 2015 17:46 UTC
Return-Path: <dave.taht@gmail.com>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4932D1ACE5C for <homenet@ietfa.amsl.com>; Fri, 3 Apr 2015 10:46:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.7
X-Spam-Level:
X-Spam-Status: No, score=0.7 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rtQ4VUeT9kus for <homenet@ietfa.amsl.com>; Fri, 3 Apr 2015 10:46:53 -0700 (PDT)
Received: from mail-ob0-x230.google.com (mail-ob0-x230.google.com [IPv6:2607:f8b0:4003:c01::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9440B1ACE5B for <homenet@ietf.org>; Fri, 3 Apr 2015 10:46:53 -0700 (PDT)
Received: by obvd1 with SMTP id d1so179807328obv.0 for <homenet@ietf.org>; Fri, 03 Apr 2015 10:46:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=L3ox1G8f/THgXq8jQ3bGXCDkJtGnX2Wf6IXapZO3xUU=; b=UGAzVxRrM9n7TlRzsZXDQjG2LzGO/gfzm3272VjQtpFNvbaXv3ak97V11tBkQhjx0g woh3rjVuZqaH21e/RVdAeg4pMi57ez0CCs2dNriv41si42l/j75z9C9U3Rpa2BqzPOD0 vW6lRut54iiDOjxwQlBI1yB/iDBoj2g2m88Ks9PamZhphTWjR4hphNohm0DUSyLE75jQ BjndoaXeG8mshkdbGaPQPJGBT50XmGthfB1TtuuH9s4mHsfDi8ku+am9hH/dNctdsWeZ DRZSMua9Ox1PNgBlGgZW0OGXV5zq5Q23IH/tu6R4pIYscNxmbTvxKTNVzZMcvK65fSfQ CeZA==
MIME-Version: 1.0
X-Received: by 10.60.103.234 with SMTP id fz10mr4184214oeb.11.1428083213066; Fri, 03 Apr 2015 10:46:53 -0700 (PDT)
Received: by 10.202.51.66 with HTTP; Fri, 3 Apr 2015 10:46:52 -0700 (PDT)
Date: Fri, 03 Apr 2015 10:46:52 -0700
Message-ID: <CAA93jw6vxXHKVMOVkgVWfuAHJ0oo5f-h3+G+yospYZGXv=nDJg@mail.gmail.com>
From: Dave Taht <dave.taht@gmail.com>
To: "babel-users@lists.alioth.debian.org" <babel-users@lists.alioth.debian.org>, HOMENET <homenet@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/homenet/MsmEVU_Wl3EaXTSzBePdeZd_7lM>
Subject: [homenet] stupid babel tricks: routing ipv6 while keeping nat
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Apr 2015 17:46:55 -0000
I really need a better place than g+ to write this stuff down, and I am curious how you would do this with other daemons and routing protocols. Sometimes I am unwilling to take the time to unnat an internal router. So all I do is add two lines to /etc/babeld.conf to not distribute ipv4 addresses, and let me do ipv6 routed, only. That´s easy. To kill the ipv4 routing... out if eth0 ip 0.0.0.0/0 deny in if eth0 ip 0.0.0.0/0 deny Then I can arbitrarily give myself a real /128 ipv6 address from some range elsewhere on my source specific routed network - not even adding an ipv6 address to the router in question... and it automagically transits the network in that direction, even the hops that have no or a ula-only ipv6 address. The only thing this bugs is traceroute, it is transparent to other applications. root@nuc-client:~/public_html/archer_c7_O2# traceroute6 -n $_ traceroute to shipka.bufferbloat.net (2001:4f8:3:36::52) from 2601:a:4e10:4cc7::99, 30 hops max, 24 byte packets 1 fd75:d7b6:a0c6::1 0.29 ms 0.232 ms 0.238 ms 2 * * * 3 * * * 4 * * * 5 2601:9:4e00:4cb0::1 2.313 ms 1.928 ms 1.777 ms 6 * * * 7 2001:558:82:2623::1 15.664 ms 16.341 ms 11.83 ms 8 2001:558:80:17::1 22.258 ms 15.526 ms 11.844 ms 9 * * * 10 2001:558:0:f587::2 15.589 ms 13.895 ms 14.733 ms 11 2001:559::14e 17.713 ms 18.346 ms 13.916 ms 12 2001:4f8:0:1::4:1 14.851 ms 16.484 ms 14.67 ms 13 2001:4f8:1b:1::8:2 18.905 ms 19.527 ms 18.625 ms 14 2001:4f8:3:36::52 17.228 ms 14.048 ms 14.109 ms Current openwrt uses a default deny policy on the wan gateway, so you also have to open up the firewall for babel packets. config rule option name 'Allow-Babel' option family 'ipv6' option src 'wan' option dest_port '6696' option proto 'udp' option target 'ACCEPT' at least on the babels version of the uci scripts in chaos calmer, it is having trouble finding the br-lan option to give to babel in the first place, for some reason. -- Dave Täht Let's make wifi fast, less jittery and reliable again! https://plus.google.com/u/0/107942175615993706558/posts/TVX3o84jjmb
- [homenet] stupid babel tricks: routing ipv6 while… Dave Taht
- Re: [homenet] stupid babel tricks: routing ipv6 w… Lorenzo Colitti
- Re: [homenet] stupid babel tricks: routing ipv6 w… Emmanuel Baccelli