From mmo at mission-embedded.com  Tue Feb  6 06:43:42 2024
From: mmo at mission-embedded.com (Mosbeck Martin)
Date: Tue, 6 Feb 2024 12:43:42 +0000
Subject: [Jool-list] Node-based translation with LTE
Message-ID: <9c4f2a13-54c5-4db8-942d-29147bbe30ef@mission-embedded.com>

Hello everyone,

thanks for this great tool and the amazingly good documentation!

I have a question regarding node-based translation (as described in
https://nicmx.github.io/Jool/en/node-based-translation.html). I would 
like to
use this for a router which has a public IPv6 LTE connection and clients
connected to it via a private IPv4 LAN. Both router and clients have
applications with hardcoded IPv4 addresses.

I?m wondering what to choose as the "proxy address for the private Jool's
traffic" (2001:db8:1::3 in the example). From first experiments - which 
worked
nicely - I understand, this address is not really private, but used in 
packets
sent via the Internet. From my LTE provider I get an IPv6 address with a /64
prefix. Can I just pick any address inside this /64 subnet without risking
address collisions with someone else? Can I be sure that any IPv6 LTE 
provider
always offers me some range of addresses rather than only a single one?

Thank You & Best

Martin


From ydahhrk at gmail.com  Tue Feb  6 13:27:10 2024
From: ydahhrk at gmail.com (Alberto Leiva)
Date: Tue, 6 Feb 2024 13:27:10 -0600
Subject: [Jool-list] Node-based translation with LTE
In-Reply-To: <9c4f2a13-54c5-4db8-942d-29147bbe30ef@mission-embedded.com>
References: <9c4f2a13-54c5-4db8-942d-29147bbe30ef@mission-embedded.com>
Message-ID: <CAA0dE=XCF2A57mqY_YpQJueUz+rLSoWFkM1H=1h05UtERJ3b+w@mail.gmail.com>

I'm just a developer so these networking hacks struggle to stay in my
memory, but I understand this problem is typical of services
implemented as virtual interfaces (which we're emulating by enclosing
the translator in a separate namespace).

So... I can't give you any details, but I hope I can kick-start you by
mentioning that I have seen people do this in two different ways:

1. proxy-nd: https://github.com/NICMx/Jool/issues/177#issuecomment-144648229
2. Give some private IPv6 address to Jool, then once the packet
reaches the host, IPv6 NAT (NAT66) it into the proper public IPv6
address.

A lot of people dislike NAT66 as a concept, so maybe try option 1 first.

And I'm not sure if proxy-nd is the same as "bridging the two
interfaces," but if not, that would be another option.

This mailing list doesn't see much traffic. Nowadays we have a chat
going on at https://matrix.ungleich.ch/#/room/#jool:ungleich.ch, and
you can probably find much more knowledgeable people there. In fact,
we recently touched the subject last Friday.

On Tue, Feb 6, 2024 at 6:44?AM Mosbeck Martin via Jool-list
<jool-list at nic.mx> wrote:
>
> Hello everyone,
>
> thanks for this great tool and the amazingly good documentation!
>
> I have a question regarding node-based translation (as described in
> https://nicmx.github.io/Jool/en/node-based-translation.html). I would
> like to
> use this for a router which has a public IPv6 LTE connection and clients
> connected to it via a private IPv4 LAN. Both router and clients have
> applications with hardcoded IPv4 addresses.
>
> I?m wondering what to choose as the "proxy address for the private Jool's
> traffic" (2001:db8:1::3 in the example). From first experiments - which
> worked
> nicely - I understand, this address is not really private, but used in
> packets
> sent via the Internet. From my LTE provider I get an IPv6 address with a /64
> prefix. Can I just pick any address inside this /64 subnet without risking
> address collisions with someone else? Can I be sure that any IPv6 LTE
> provider
> always offers me some range of addresses rather than only a single one?
>
> Thank You & Best
>
> Martin
>
> _______________________________________________
> Jool-list mailing list
> Jool-list at nic.mx
> https://mail-lists.nic.mx/listas/listinfo/jool-list

From tore at fud.no  Tue Feb  6 15:46:16 2024
From: tore at fud.no (Tore Anderson)
Date: Tue, 6 Feb 2024 22:46:16 +0100
Subject: [Jool-list] Node-based translation with LTE
In-Reply-To: <9c4f2a13-54c5-4db8-942d-29147bbe30ef@mission-embedded.com>
References: <9c4f2a13-54c5-4db8-942d-29147bbe30ef@mission-embedded.com>
Message-ID: <930acded-308e-497a-aa71-025090b461d8@fud.no>

On 06/02/24 13:43, Mosbeck Martin via Jool-list wrote:
> Hello everyone,
>
> thanks for this great tool and the amazingly good documentation!
>
> I have a question regarding node-based translation (as described in
> https://nicmx.github.io/Jool/en/node-based-translation.html). I would
> like to
> use this for a router which has a public IPv6 LTE connection and clients
> connected to it via a private IPv4 LAN. Both router and clients have
> applications with hardcoded IPv4 addresses.
>
> I?m wondering what to choose as the "proxy address for the private Jool's
> traffic" (2001:db8:1::3 in the example). From first experiments - which
> worked
> nicely - I understand, this address is not really private, but used in
> packets
> sent via the Internet. From my LTE provider I get an IPv6 address with a /64
> prefix. Can I just pick any address inside this /64 subnet without risking
> address collisions with someone else? Can I be sure that any IPv6 LTE
> provider
> always offers me some range of addresses rather than only a single one?

Hi Martin,

You can rely on having a whole /64 assigned to you, this is mandated by 
the 3GPP standards. You are free to use a secondary address within the 
/64 as your the CLAT address.

The ModemManager documentation contains a very nice overview on how IPv6 
(and IPv4) assignment happens in LTE networks, I suspect you might find 
it interesting:

https://modemmanager.org/docs/modemmanager/ip-connectivity-setup-in-lte-modems/

Tore