search

NICMx / Jool

SIIT and NAT64 for Linux
GNU General Public License v2.0
320 stars 66 forks source link

Map-T run problems #367

Closed norbertn503 closed 2 years ago

norbertn503 commented 2 years ago

Hi!

I'm trying to run Map-T based on this article https://www.jool.mx/en/run-mapt.html I have to change the client subnet to 172.16.0.0/24 network.

I run in to the following problem. The NAPT function works fine on CE but the Jool translation not, i can see the following packet cupture

image

These are the configurations that i am using:

Client: /sbin/ip address add 172.16.0.4/24 dev eth1 /sbin/ip link set eth1 up /sbin/ip route add 203.0.113.0/24 via 172.16.0.1

Server: /sbin/ip address add 203.0.113.56/24 dev eth1 /sbin/ip link set eth1 up /sbin/ip route add 192.0.2.0/24 via 203.0.113.1

CE: /sbin/ip netns add napt /sbin/ip link add to_napt type veth peer name to_global netns napt /sbin/ip link set eth1 netns napt /sbin/ip address add 2001:db8:6::11b/64 dev eth2 /sbin/ip address add 10.0.0.1/24 dev to_napt /sbin/ip netns exec napt /sbin/ip address add 10.0.0.2/24 dev to_global /sbin/ip netns exec napt /sbin/ip address add 172.16.0.1/24 dev eth1 /sbin/ip link set eth2 up /sbin/ip link set to_napt up /sbin/ip netns exec napt /sbin/ip link set to_global up /sbin/ip netns exec napt /sbin/ip link set eth1 up /sbin/ip netns exec napt /sbin/ip route add default via 10.0.0.1 /sbin/ip route add 64:ff9b::/96 via 2001:db8:6::1 /sbin/ip route add 192.0.2.8/32 via 10.0.0.2 /sbin/ip netns exec napt /sbin/sysctl -w net.ipv4.conf.all.forwarding=1 /sbin/sysctl -w net.ipv4.ip_forward=1 /sbin/sysctl -w net.ipv6.conf.all.forwarding=1 /sbin/ip netns exec napt iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -o to_global -p tcp -j SNAT --to-source 192.0.2.8:55296-57343 /sbin/ip netns exec napt iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -o to_global -p udp -j SNAT --to-source 192.0.2.8:55296-57343

/sbin/modprobe jool_mapt jool_mapt instance add "CE 11b" --netfilter --dmr 64:ff9b::/96 jool_mapt -i "CE 11b" global update end-user-ipv6-prefix 2001:db8:ce:11b::/64 jool_mapt -i "CE 11b" global update bmr 2001:db8:ce::/51 192.0.2.0/24 13 0

BR: /sbin/ip link set eth1 up /sbin/ip address add 2001:db8:6::1/64 dev eth1 /sbin/ip link set eth2 up /sbin/ip address add 203.0.113.1/24 dev eth2 /sbin/ip route add 2001:db8:ce:11b::/64 via 2001:db8:6::11b /sbin/sysctl -w net.ipv4.ip_forward=1 /sbin/sysctl -w net.ipv6.conf.all.forwarding=1

/sbin/modprobe jool_mapt jool_mapt instance add "BR" --netfilter --dmr 64:ff9b::/96 jool_mapt -i "BR" fmrt add 2001:db8:ce::/51 192.0.2.0/24 13 0

I'm using VMware virtual machines with Debian images.

Any help would be appriciated

ydahhrk commented 2 years ago

It seems there's an undocumented step: MAP-T translators behave as BRs by default. You'll need to adjust that.

In the CE, please run

jool_mapt -i "CE 11b" global update map-t-type CE
norbertn503 commented 2 years ago

It works fine now, thank you for your quick help!