if_stf bug/feature
Hajimu UMEMOTO
ume at FreeBSD.org
Tue May 11 03:01:06 PDT 2004
Hi,
>>>>> On Thu, 6 May 2004 10:21:13 +0200
>>>>> Lukasz Stelmach <Lukasz.Stelmach at telmark.waw.pl> said:
Lukasz> Well i *have*got* one v4ADDR that is assigned to my nat/router-box. I
Lukasz> have also configured that it should pass all packets that are not part
Lukasz> of some known connections (from M1 M2 .. Mn) (including but not limited
Lukasz> to proto 41) to one specified machine (name it TIGGER) that acts as the
Lukasz> end of 6to4 tunnel for all other computers in the LAN. Now, for i
Lukasz> controll both the nat and TIGGER i can do such manglig without any
Lukasz> harm. Let's say taht to the rest of the world the nat+TIGGER act like
Lukasz> a single machine.
Yes, current if_stf is too restrictive against NAT, and skipping
certain checks enablea us to use 6to4 even behind NAT. I believe it
doesn't break RFC3056.
Once, I made a patch to do so for a friend of mine. But, it was based
on old source and somewhat redundant. I've just made a patch against
recent 5-CURRENT. But, I've not estimated if there are side effects.
I don't have testing environment for 6to4, now. Could you test it?
Sincerely,
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume at mahoroba.org ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/
More information about the freebsd-net
mailing list