NICMx / Jool

SIIT and NAT64 for Linux
GNU General Public License v2.0

NAT64 translation fails (Port incorrect) #332

Closed blocktrron closed 4 years ago

blocktrron commented 4 years ago

I'm seeing a strange error with Jool v4.1.0 when used with OpenWrt (K5.4) as well as Debian (K5.6).

ICMP ping always works correctly; however, TCP connections are not established. When looking at the actual traffic, the source and destination port become zero after the translation:

listening on wg-p2p, link-type RAW (Raw IP), capture size 262144 bytes
01:20:54.544620 IP6 2001:470:77a2:100:98b0:30d7:e735:8de9.41696 > 64:ff9b::8c52:7219.https: Flags [S], seq 1975057043, win 64320, options [mss 1340,sackOK,TS val 4005501162 ecr 0,nop,wscale 7], length 0
01:20:59.664950 IP6 2001:470:77a2:100:98b0:30d7:e735:8de9.40996 > 64:ff9b::3420:27e0.https: Flags [S], seq 1245960830, win 64320, options [mss 1340,sackOK,TS val 1628980175 ecr 0,nop,wscale 7], length 0
01:21:01.371703 IP6 2001:470:77a2:100:98b0:30d7:e735:8de9.41704 > 64:ff9b::8c52:7219.https: Flags [S], seq 2682521285, win 64320, options [mss 1340,sackOK,TS val 4005507988 ecr 0,nop,wscale 7], length 0
01:21:03.078051 IP6 2001:470:77a2:100:98b0:30d7:e735:8de9.41018 > 64:ff9b::3420:27e0.https: Flags [S], seq 115825453, win 64320, options [mss 1340,sackOK,TS val 1628983589 ecr 0,nop,wscale 7], length 0
01:21:03.079943 IP6 2001:470:77a2:100:98b0:30d7:e735:8de9.41708 > 64:ff9b::8c52:7219.https: Flags [S], seq 3435409165, win 64320, options [mss 1340,sackOK,TS val 4005509695 ecr 0,nop,wscale 7], length 0
^C
5 packets captured
5 packets received by filter
0 packets dropped by kernel
dbauer@localhost:~$ sudo tcpdump -i ens192 tcp port 0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens192, link-type EN10MB (Ethernet), capture size 262144 bytes
01:21:14.171614 IP 82.165.120.242.0 > ec2-52-32-39-224.us-west-2.compute.amazonaws.com.0: Flags [S], seq 2863866731, win 64320, options [mss 1340,sackOK,TS val 1628994682 ecr 0,nop,wscale 7], length 0
01:21:15.025462 IP 82.165.120.242.0 > 217-160-0-231.elastic-ssl.ui-r.com.0: Flags [S], seq 3733099487, win 64320, options [mss 1340,sackOK,TS val 2795138315 ecr 0,nop,wscale 7], length 0
01:21:15.026782 IP 82.165.120.242.0 > ec2-52-32-39-224.us-west-2.compute.amazonaws.com.0: Flags [S], seq 3088755243, win 64320, options [mss 1340,sackOK,TS val 1628995536 ecr 0,nop,wscale 7], length 0
01:21:15.026803 IP 82.165.120.242.0 > lb-140-82-114-25-iad.github.com.0: Flags [S], seq 383970050, win 64320, options [mss 1340,sackOK,TS val 4005521642 ecr 0,nop,wscale 7], length 0
01:21:18.228251 IP 82.165.120.242.0 > ec2-52-32-39-224.us-west-2.compute.amazonaws.com.0: Flags [S], seq 2863866731, win 64320, options [mss 1340,sackOK,TS val 1628998739 ecr 0,nop,wscale 7], length 0
01:21:26.331105 IP 82.165.120.242.0 > ec2-52-32-39-224.us-west-2.compute.amazonaws.com.0: Flags [S], seq 2863866731, win 64320, options [mss 1340,sackOK,TS val 1629006842 ecr 0,nop,wscale 7], length 0

For this result, I've followed the quick start guide for NAT64 on the Jool homepage.
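
Added example (not part of the original thread and not Jool code): a small Python check that scans tcpdump's default one-line text output, like the IPv4-side capture above, and reports TCP segments whose source or destination port is 0, the symptom described in this report. The function names, sample lines and addresses are constructed for illustration.

```python
import re

# tcpdump default one-line TCP format:
#   "<time> IP|IP6 <src>.<port> > <dst>.<port>: Flags [..], ..."
# Only TCP lines carry "Flags [..]", so other protocols are skipped.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+) IP6? "
    r"(?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]*)\]"
)

def split_endpoint(endpoint):
    """Split 'host.port' on the LAST dot. The host may be an IPv4 address,
    an IPv6 address or a resolved name; the port may be a service name."""
    host, _, port = endpoint.rpartition(".")
    return host, port

def zero_port_segments(lines):
    """Return (timestamp, src_host, dst_host, flags) for every TCP segment
    that has port 0 on either side. Port 0 is reserved, so any hit on the
    IPv4 side of the translator means the ports were lost in translation."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # banner, packet counters, shell prompt, non-TCP
        src_host, src_port = split_endpoint(m["src"])
        dst_host, dst_port = split_endpoint(m["dst"])
        if src_port == "0" or dst_port == "0":
            hits.append((m["ts"], src_host, dst_host, m["flags"]))
    return hits

# Constructed sample capture (documentation addresses, not real traffic).
SAMPLE = """\
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
01:20:54.544620 IP6 2001:db8::10.41696 > 64:ff9b::c633:6407.https: Flags [S], seq 1, win 64320, length 0
01:21:14.171614 IP 192.0.2.1.0 > 198.51.100.7.0: Flags [S], seq 2, win 64320, length 0
01:21:15.025462 IP 192.0.2.1.0 > server.example.net.0: Flags [S], seq 3, win 64320, length 0
01:21:16.000000 IP 192.0.2.1.61001 > 198.51.100.7.https: Flags [S], seq 4, win 64320, length 0
4 packets captured
""".splitlines()

if __name__ == "__main__":
    for ts, src, dst, flags in zero_port_segments(SAMPLE):
        print(f"{ts} TCP port 0: {src} -> {dst} flags=[{flags}]")
```

An empty result on the IPv4-facing interface after upgrading or applying the workaround indicates the translated segments carry real ports again.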

ydahhrk commented 4 years ago

Actually, now that I think about it, it's not that critical because it has a workaround: Just populate pool4. This is an empty pool4 bug.

But whatever. Patch incoming in a few minutes.

Version 4.1.0 was a disaster. Remember to disable offloads.

ydahhrk commented 4 years ago

Sorry for the inconveniences. Version 4.1.1 will probably be released next Wednesday. Overall, I recommend downgrading to 4.0.9 in the meantime.

I'd appreciate it if you could test the patch, though.

ydahhrk commented 4 years ago

I'm going to reopen because this should definitely show up front and center in the bug list, at least until 4.1.1 is released.

ydahhrk commented 4 years ago

Released; closing.