[Jool-list] Help with routing loop?
Alberto Leiva
ydahhrk at gmail.com
Fri Dec 22 10:23:36 CST 2017
> Now when I "tracepath6 -n 2000:ffff::73.xxx.67.1 from the test
> host, I get:
> ...
> If I "tracepath 73.xxx.67.1" from the jool host, I get a real
> trace with real names that goes "no reply" one step earlier.
I can't explain the "goes 'no reply' one step earlier" thing, but as
for the rest, check this out:
https://jool.mx/en/usr-flags-global.html#--source-icmpv6-errors-better
> Specifically, I cannot "wget http://whatsmyip.org". It returns
> an empty file.
I think this is a separate problem. Let me see if I can reproduce it.
On Fri, Dec 22, 2017 at 2:17 AM, Kurt Lund <kurt at realacquisitions.com> wrote:
> I followed the instructions very carefully, but had to use a different
> prefix (I used 2000:ffff::/96, that I stole from the old NAT-PT
> documentation) because I (stupidly) used the whole /64 that was given to me
> when setting up my dual stack nodes, so Jool complained when I tried to use
> a /96 in the config.
>
> It "works" in that I can use Jool to connect to a IPV4 device in my network
> from a IPv6-only node, but any attempt to connect outside my network has
> issues.
>
> IPv6 side: 2604:xxxx:0:a::/64
> IPv4 side: 216.xxx.228.0/29 AND 216.xxx.228.8/29
> Jool setup: Centos 7, single NIC
> Kernel module "jool" loaded with "modprobe --first-time jool
> pool6=2000:ffff::/96"
> IPv4: using host address of 216.xxx.228.6
> IPv6: using host address of 2604:xxxx:0:a:e6::e406
>
> Text IPv6 host: 2604:xxxx:0:a:4::2
> Test IPv4 host: 216.xxx.228.13 (although it is a dual stack node, I have
> confirmed that Jool was used to translate the IP)
>
> Test: "ssh 2000:ffff::216.xxx.228.13" (confirmed on target by "netstat -an
> | grep 216.xxx.228.6" and finding only one entry -- me)
> "jool --bib --display" shows the mapping:
> TCP:
> [Dynamic] 216.xxx.228.6#62327 - 2604:xxxx:0:a:4::2#35038
>
> Now when I "tracepath6 -n 2000:ffff::73.xxx.67.1 from the test host, I get:
>
> 1?: [LOCALHOST] 0.029ms pmtu 1500
> 1: 2604:xxxx:0:a:e6::e406 144.339ms asymm 2
> 1: 2604:xxxx:0:a:e6::e406 5.092ms asymm 2
> 2: 2000:ffff::49xx:4301 1.151ms asymm 3
> 3: 2000:ffff::49xx:4301 1.469ms asymm 4
> 4: 2000:ffff::49xx:4301 1.226ms asymm 5
> 5: 2000:ffff::49xx:4301 2.073ms asymm 6
> 6: 2000:ffff::49xx:4301 2.538ms asymm 7
> 7: 2000:ffff::49xx:4301 3.340ms asymm 8
> 8: 2000:ffff::49xx:4301 3.512ms asymm 9
> 9: 2000:ffff::49xx:4301 9.436ms asymm 7
> 10: 2000:ffff::49xx:4301 7.961ms asymm 5
> 11: 2000:ffff::49xx:4301 11.584ms asymm 6
> 12: 2000:ffff::49xx:4301 11.678ms asymm 7
> 13: no reply
> 14: no reply
> 15: no reply
>
> If I "tracepath 73.xxx.67.1" from the jool host, I get a real trace with
> real names that goes "no reply" one step earlier.
>
> Maybe this is not a big deal (it only seems to mask ICMP stuff) but I also
> can't access public nodes with other (more important) protocols.
> Specifically, I cannot "wget http://whatsmyip.org". It returns an empty
> file.
>
> HELP!!
>
> Thanks,
> Kurt Lund
> kurt at realacquisitions.com
> RealAcquisitions.com
>
> _______________________________________________
> Jool-list mailing list
> Jool-list at nic.mx
> https://mail-lists.nic.mx/listas/listinfo/jool-list
>
More information about the Jool-list
mailing list