search

toreanderson / clatd

A 464XLAT CLAT implementation for Linux
MIT License
213 stars 19 forks source link

Looks like working properly but still has no IPv4 connectivity #17

Closed Sumire-Heanna closed 3 years ago

Sumire-Heanna commented 4 years ago

Hi I has starting clatd and and below is it outputs, looks like it working properly, but I still could not accessing IPv4 network, netstat displays that there are no sockets created by clatd connect to any NAT64 destnation.

root@srv17086:~# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 2a02:180:6:1::2f58  prefixlen 128  scopeid 0x0<global>
        inet6 fe80::284:edff:fed6:daaa  prefixlen 64  scopeid 0x20<link>
        ether 00:84:ed:d6:da:aa  txqueuelen 1000  (Ethernet)
        RX packets 4012488  bytes 4512357414 (4.2 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4184256  bytes 4173644024 (3.8 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 3770264  bytes 4218840186 (3.9 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3770264  bytes 4218840186 (3.9 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

root@srv17086:~# clatd -d
readconf('/etc/clatd.conf')
Configuration successfully read, dumping it:
  clat-dev=clat
  clat-v4-addr=192.0.0.1
  clat-v6-addr=2a02:180:6:1::2f58
  cmd-ip=ip
  cmd-ip6tables=ip6tables
  cmd-tayga=tayga
  debug=1
  dns64-servers=2a01:4f8:c2c:123f::1
  forwarding-enable=1
  ip6tables-enable=<undefined>
  plat-dev=<undefined>
  plat-prefix=<undefined>
  proxynd-enable=1
  quiet=0
  script-down=<undefined>
  script-up=<undefined>
  tayga-conffile=<undefined>
  tayga-v4-addr=192.0.0.2
  v4-conncheck-delay=10
  v4-conncheck-enable=1
  v4-defaultroute-advmss=0
  v4-defaultroute-enable=1
  v4-defaultroute-metric=2048
  v4-defaultroute-mtu=1260
  v4-defaultroute-replace=0
Starting clatd v1.5 by Tore Anderson <tore@fud.no>
Performing DNS64-based PLAT prefix discovery (cf. RFC 7050)
Looking up 'ipv4only.arpa' using DNS64 server 2a01:4f8:c2c:123f::1
check_wka(): Testing to see if 2a01:4f8:c2c:123f:64:3:c000:aa was DNS64-synthesised
Inferred PLAT prefix 2a01:4f8:c2c:123f:64:3::/96 from AAAA record 2a01:4f8:c2c:123f:64:3:c000:aa
check_wka(): Testing to see if 2a01:4f8:c2c:123f:64:3:c000:ab was DNS64-synthesised
Inferred PLAT prefix 2a01:4f8:c2c:123f:64:3::/96 from AAAA record 2a01:4f8:c2c:123f:64:3:c000:ab
check_wka(): Testing to see if 2a00:1098:2b:0:0:0:c000:ab was DNS64-synthesised
Inferred PLAT prefix 2a00:1098:2b::/96 from AAAA record 2a00:1098:2b:0:0:0:c000:ab
check_wka(): Testing to see if 2a00:1098:2b:0:0:0:c000:aa was DNS64-synthesised
Inferred PLAT prefix 2a00:1098:2b::/96 from AAAA record 2a00:1098:2b:0:0:0:c000:aa
check_wka(): Testing to see if 2a00:1098:2c:0:0:1:c000:ab was DNS64-synthesised
Inferred PLAT prefix 2a00:1098:2c::1:0:0/96 from AAAA record 2a00:1098:2c:0:0:1:c000:ab
check_wka(): Testing to see if 2a00:1098:2c:0:0:1:c000:aa was DNS64-synthesised
Inferred PLAT prefix 2a00:1098:2c::1:0:0/96 from AAAA record 2a00:1098:2c:0:0:1:c000:aa
<warn> Multiple PLAT prefixes discovered (2a01:4f8:c2c:123f:64:3::/96 2a00:1098:2b::/96 2a00:1098:2c::1:0:0/96), using the first seen
Using PLAT (NAT64) prefix: 2a01:4f8:c2c:123f:64:3::/96
get_plat_dev(): finding which network dev faces the PLAT
get_plat_dev(): Found PLAT-facing device: eth0
Device facing the PLAT: eth0
Using CLAT IPv4 address: 192.0.0.1
Using CLAT IPv6 address: 2a02:180:6:1::2f58
Checking if this system already has IPv4 connectivity in 10 sec(s)
Reading sysctl /proc/sys/net/ipv6/conf/all/forwarding
/proc/sys/net/ipv6/conf/all/forwarding is set to '0'
Enabling IPv6 forwarding
Reading sysctl /proc/sys/net/ipv6/conf/default/accept_ra
/proc/sys/net/ipv6/conf/default/accept_ra is set to '1'
Changing /proc/sys/net/ipv6/conf/default/accept_ra from 1 to 2 to prevent connectivity loss after enabling IPv6 forwarding
Setting sysctl /proc/sys/net/ipv6/conf/default/accept_ra=2
Reading sysctl /proc/sys/net/ipv6/conf/eth0/accept_ra
/proc/sys/net/ipv6/conf/eth0/accept_ra is set to '1'
Changing /proc/sys/net/ipv6/conf/eth0/accept_ra from 1 to 2 to prevent connectivity loss after enabling IPv6 forwarding
Setting sysctl /proc/sys/net/ipv6/conf/eth0/accept_ra=2
Reading sysctl /proc/sys/net/ipv6/conf/lo/accept_ra
/proc/sys/net/ipv6/conf/lo/accept_ra is set to '1'
Changing /proc/sys/net/ipv6/conf/lo/accept_ra from 1 to 2 to prevent connectivity loss after enabling IPv6 forwarding
Setting sysctl /proc/sys/net/ipv6/conf/lo/accept_ra=2
Setting sysctl /proc/sys/net/ipv6/conf/all/forwarding=1
Adding ip6tables rules allowing traffic between the CLAT and PLAT devices
cmd(ip6tables -I FORWARD -i clat -o eth0 -j ACCEPT)
cmd(ip6tables -I FORWARD -i eth0 -o clat -j ACCEPT)
 on eth0 Proxy-ND for 2a02:180:6:1::2f58
Reading sysctl /proc/sys/net/ipv6/conf/eth0/proxy_ndp
/proc/sys/net/ipv6/conf/eth0/proxy_ndp is set to '0'
Setting sysctl /proc/sys/net/ipv6/conf/eth0/proxy_ndp=1
Enabled Proxy-ND sysctl for eth0
 dev eth0)neighbour add proxy 2a02:180:6:1::2f58
".ror: inet6 address is expected rather than "2a02:180:6:1::2f58
 dev eth0) returned 0hbour add proxy 2a02:180:6:1::2f58
Creating and configuring up CLAT device 'clat'
cmd(tayga --config /tmp/PNqrArs8O7 --mktun -d)
Created persistent tun device clat
cmd(ip link set up dev clat)
cmd(ip -4 address add 192.0.0.1 dev clat)
 dev clat)route add 2a02:180:6:1::2f58
".ror: inet6 prefix is expected rather than "2a02:180:6:1::2f58
 dev clat) returned 0te add 2a02:180:6:1::2f58
Cleanup: Removing CLAT device
cmd(tayga --config /tmp/PNqrArs8O7 --rmtun)
Removed persistent tun device clat
Cleanup: Deleting TAYGA config file '/tmp/PNqrArs8O7'
Cleanup: Resetting forwarding sysctl to 0
Setting sysctl /proc/sys/net/ipv6/conf/all/forwarding=0
Cleanup: Resetting /proc/sys/net/ipv6/conf/default/accept_ra to 1
Setting sysctl /proc/sys/net/ipv6/conf/default/accept_ra=1
Cleanup: Resetting /proc/sys/net/ipv6/conf/eth0/accept_ra to 1
Setting sysctl /proc/sys/net/ipv6/conf/eth0/accept_ra=1
Cleanup: Resetting /proc/sys/net/ipv6/conf/lo/accept_ra to 1
Setting sysctl /proc/sys/net/ipv6/conf/lo/accept_ra=1
Cleanup: Resetting proxy_ndp sysctl to 0
Setting sysctl /proc/sys/net/ipv6/conf/eth0/proxy_ndp=0
on eth0: Removing Proxy-ND entry for 2a02:180:6:1::2f58
 dev eth0)neighbour delete proxy 2a02:180:6:1::2f58
".ror: inet6 address is expected rather than "2a02:180:6:1::2f58
 dev eth0) returned 0hbour delete proxy 2a02:180:6:1::2f58
Cleanup: Removing ip6tables rules allowing traffic between the CLAT and PLAT devices
cmd(ip6tables -D FORWARD -i clat -o eth0 -j ACCEPT)
cmd(ip6tables -D FORWARD -i eth0 -o clat -j ACCEPT)
toreanderson commented 4 years ago

This looks very wrong:

 dev eth0)neighbour add proxy 2a02:180:6:1::2f58
".ror: inet6 address is expected rather than "2a02:180:6:1::2f58
 dev eth0) returned 0hbour add proxy 2a02:180:6:1::2f58
(…)
on eth0: Removing Proxy-ND entry for 2a02:180:6:1::2f58
 dev eth0)neighbour delete proxy 2a02:180:6:1::2f58
".ror: inet6 address is expected rather than "2a02:180:6:1::2f58
 dev eth0) returned 0hbour delete proxy 2a02:180:6:1::2f58

I suspect there's a stray \r character on the clat-v6-addr line in your config file. Could you send the output of cat -A /etc/clatd.conf, please?

Sumire-Heanna commented 4 years ago

This looks very wrong:

 dev eth0)neighbour add proxy 2a02:180:6:1::2f58
".ror: inet6 address is expected rather than "2a02:180:6:1::2f58
 dev eth0) returned 0hbour add proxy 2a02:180:6:1::2f58
(…)
on eth0: Removing Proxy-ND entry for 2a02:180:6:1::2f58
 dev eth0)neighbour delete proxy 2a02:180:6:1::2f58
".ror: inet6 address is expected rather than "2a02:180:6:1::2f58
 dev eth0) returned 0hbour delete proxy 2a02:180:6:1::2f58

I suspect there's a stray \r character on the clat-v6-addr line in your config file. Could you send the output of cat -A /etc/clatd.conf, please?

Yeah... There is a \r\n after IP address, possibly I overlooked that Windows set CRLF as default when editing

root@srv17086:~# cat -A /etc/clatd.conf
clat-v6-addr=2a02:180:6:1::2f58^M$
dns64-servers=2a01:4f8:c2c:123f::1root@srv17086:~#

Then I fix that to LF and I lost all of internet access both IPv6 and IPv4 until stop clatd... 

root@srv17086:~# clatd -d
readconf('/etc/clatd.conf')
Configuration successfully read, dumping it:
  clat-dev=clat
  clat-v4-addr=192.0.0.1
  clat-v6-addr=2a02:180:6:1::2f58
  cmd-ip=ip
  cmd-ip6tables=ip6tables
  cmd-tayga=tayga
  debug=1
  dns64-servers=2a01:4f8:c2c:123f::1
  forwarding-enable=1
  ip6tables-enable=<undefined>
  plat-dev=<undefined>
  plat-prefix=<undefined>
  proxynd-enable=1
  quiet=0
  script-down=<undefined>
  script-up=<undefined>
  tayga-conffile=<undefined>
  tayga-v4-addr=192.0.0.2
  v4-conncheck-delay=10
  v4-conncheck-enable=1
  v4-defaultroute-advmss=0
  v4-defaultroute-enable=1
  v4-defaultroute-metric=2048
  v4-defaultroute-mtu=1260
  v4-defaultroute-replace=0
Starting clatd v1.5 by Tore Anderson <tore@fud.no>
Performing DNS64-based PLAT prefix discovery (cf. RFC 7050)
Looking up 'ipv4only.arpa' using DNS64 server 2a01:4f8:c2c:123f::1
check_wka(): Testing to see if 2a00:1098:2c:0:0:1:c000:aa was DNS64-synthesised
Inferred PLAT prefix 2a00:1098:2c::1:0:0/96 from AAAA record 2a00:1098:2c:0:0:1:c000:aa
check_wka(): Testing to see if 2a01:4f8:c2c:123f:64:3:c000:aa was DNS64-synthesised
Inferred PLAT prefix 2a01:4f8:c2c:123f:64:3::/96 from AAAA record 2a01:4f8:c2c:123f:64:3:c000:aa
check_wka(): Testing to see if 2a01:4f8:c2c:123f:64:3:c000:ab was DNS64-synthesised
Inferred PLAT prefix 2a01:4f8:c2c:123f:64:3::/96 from AAAA record 2a01:4f8:c2c:123f:64:3:c000:ab
check_wka(): Testing to see if 2a00:1098:2b:0:0:0:c000:aa was DNS64-synthesised
Inferred PLAT prefix 2a00:1098:2b::/96 from AAAA record 2a00:1098:2b:0:0:0:c000:aa
check_wka(): Testing to see if 2a00:1098:2b:0:0:0:c000:ab was DNS64-synthesised
Inferred PLAT prefix 2a00:1098:2b::/96 from AAAA record 2a00:1098:2b:0:0:0:c000:ab
check_wka(): Testing to see if 2a00:1098:2c:0:0:1:c000:ab was DNS64-synthesised
Inferred PLAT prefix 2a00:1098:2c::1:0:0/96 from AAAA record 2a00:1098:2c:0:0:1:c000:ab
<warn> Multiple PLAT prefixes discovered (2a00:1098:2c::1:0:0/96 2a01:4f8:c2c:123f:64:3::/96 2a00:1098:2b::/96), using the first seen
Using PLAT (NAT64) prefix: 2a00:1098:2c::1:0:0/96
get_plat_dev(): finding which network dev faces the PLAT
get_plat_dev(): Found PLAT-facing device: eth0
Device facing the PLAT: eth0
Using CLAT IPv4 address: 192.0.0.1
Using CLAT IPv6 address: 2a02:180:6:1::2f58
Checking if this system already has IPv4 connectivity in 10 sec(s)
Reading sysctl /proc/sys/net/ipv6/conf/all/forwarding
/proc/sys/net/ipv6/conf/all/forwarding is set to '0'
Enabling IPv6 forwarding
Reading sysctl /proc/sys/net/ipv6/conf/default/accept_ra
/proc/sys/net/ipv6/conf/default/accept_ra is set to '1'
Changing /proc/sys/net/ipv6/conf/default/accept_ra from 1 to 2 to prevent connectivity loss after enabling IPv6 forwarding
Setting sysctl /proc/sys/net/ipv6/conf/default/accept_ra=2
Reading sysctl /proc/sys/net/ipv6/conf/eth0/accept_ra
/proc/sys/net/ipv6/conf/eth0/accept_ra is set to '1'
Changing /proc/sys/net/ipv6/conf/eth0/accept_ra from 1 to 2 to prevent connectivity loss after enabling IPv6 forwarding
Setting sysctl /proc/sys/net/ipv6/conf/eth0/accept_ra=2
Reading sysctl /proc/sys/net/ipv6/conf/lo/accept_ra
/proc/sys/net/ipv6/conf/lo/accept_ra is set to '1'
Changing /proc/sys/net/ipv6/conf/lo/accept_ra from 1 to 2 to prevent connectivity loss after enabling IPv6 forwarding
Setting sysctl /proc/sys/net/ipv6/conf/lo/accept_ra=2
Setting sysctl /proc/sys/net/ipv6/conf/all/forwarding=1
Adding ip6tables rules allowing traffic between the CLAT and PLAT devices
cmd(ip6tables -I FORWARD -i clat -o eth0 -j ACCEPT)
cmd(ip6tables -I FORWARD -i eth0 -o clat -j ACCEPT)
Enabling Proxy-ND for 2a02:180:6:1::2f58 on eth0
Reading sysctl /proc/sys/net/ipv6/conf/eth0/proxy_ndp
/proc/sys/net/ipv6/conf/eth0/proxy_ndp is set to '0'
Setting sysctl /proc/sys/net/ipv6/conf/eth0/proxy_ndp=1
Enabled Proxy-ND sysctl for eth0
cmd(ip -6 neighbour add proxy 2a02:180:6:1::2f58 dev eth0)
Creating and configuring up CLAT device 'clat'
cmd(tayga --config /tmp/EOfCYfsV3r --mktun -d)
Created persistent tun device clat
cmd(ip link set up dev clat)
cmd(ip -4 address add 192.0.0.1 dev clat)
cmd(ip -6 route add 2a02:180:6:1::2f58 dev clat)
Adding IPv4 default route via the CLAT
cmd(ip -4 route add default dev clat metric 2048 mtu 1260 advmss 1220)
Starting up TAYGA, using config file '/tmp/EOfCYfsV3r'
cmd(tayga --config /tmp/EOfCYfsV3r --nodetach -d)
starting TAYGA 0.9.2
Using tun device clat with MTU 1500
TAYGA's IPv4 address: 192.0.0.2
TAYGA's IPv6 address: 2a00:1098:2c::1:c000:2
NAT64 prefix: 2a00:1098:2c::1:0:0/96

root@srv17086:~# ifconfig
clat: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 192.0.0.1  netmask 255.255.255.255  destination 192.0.0.1
        inet6 fe80::e28b:ef4b:1293:d736  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 3289  bytes 269202 (262.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3301  bytes 204110 (199.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 2a02:180:6:1::2f58  prefixlen 128  scopeid 0x0<global>
        inet6 fe80::284:edff:fed6:daaa  prefixlen 64  scopeid 0x20<link>
        ether 00:84:ed:d6:da:aa  txqueuelen 1000  (Ethernet)
        RX packets 4386372  bytes 4594716658 (4.2 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4533954  bytes 4270988428 (3.9 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 4157790  bytes 4289884776 (3.9 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4157790  bytes 4289884776 (3.9 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
toreanderson commented 4 years ago

It seems that you are using the same IPv6 address – 2a02:180:6:1::2f58 – in two places. It is assigned to eth0 and it is configured as clat-v6-addr. That won't work; clatd requires a separate IPv6 address.

Normally (i.e., had you not manually configured clat-v6-addr) clatd would have tried to pick an adjacent address in the same prefix as the eth0 address, but can't in your case since your eth0 address is a /128 (assigned by DHCPv6, I assume).