NAT64 return traffic vanishes after successful de-alias
Andrey V. Elsukov
bu7cher at yandex.ru
Sun Dec 15 10:46:48 UTC 2019
On 14.12.2019 22:54, John W. O'Brien wrote:
> Hello FreeBSD Networking,
>
> As the subject summarizes, I have a mostly-working NAT64 rig, but return
> traffic is disappearing, and I haven't been able to figure out why. I
> observe the post-translation (4-to-6) packets via ipfwlog0, but a simple
> ipfw counter rule ipfw matches nothing.
I suspect you have disabled IPv6 on the interface, where IPv4 address is
configured. Check that IFDISABLED flag is not set on the IPv4 side
interface.
When NAT64 does translation, by default it reschedules a packet again on
the same interface, but from another address family, so if you have
disabled IPv6, a packet will be just dropped by ip6_input.
You can enable IPv6 by the following command:
# ifconfig igb0 inet6 -ifdisabled
--
WBR, Andrey V. Elsukov
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20191215/0b848b90/attachment.sig>
More information about the freebsd-net
mailing list