[Bug 280390] NPTv6 not working

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 25 Jul 2024 10:53:36 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280390

--- Comment #15 from John Hay <john@sanren.ac.za> ---
I have made a test setup with roughly your setup, but added the ndproxy port,
and added this to my rc.conf:

<snip>
ndproxy_enable="YES"
ndproxy_uplink_interface="vtnet0"
# mac and link-local address of upstream router
ndproxy_downlink_mac_address="0c:07:42:82:00:01"
ndproxy_uplink_ipv6_addresses="fe80::e07:42ff:fe82:1"
</snip>

I tweaked the /etc/ipfw.rules a little and left the ipv4 stuff out:
<snip>
#!/bin/sh
ipfw -q -f flush
cmd="ipfw -q add "
ipfw disable one_pass
ipfw nptv6 NPT create int_prefix fdc9:281f:4d7:9ee9:: ext_if vtnet0 prefixlen
64
$cmd allow ip6 from fe80::/10 to ff02::/16
$cmd allow ip6 from fe80::/10 to fe80::/10
$cmd nptv6 NPT ip6 from any to any via vtnet0
$cmd allow icmp6 from any to any
$cmd allow icmp from any to any
$cmd allow ip6 from any to any
</snip>

With this I had a working ping6.

-- 
You are receiving this mail because:
You are on the CC list for the bug.