[Jool-list] NAT64 behind NAT44?
Alberto Leiva
ydahhrk at gmail.com
Tue Nov 20 22:48:04 CST 2018
Maurice:
My mistake. This was not straightforward at all. It's been a long time
since I've dealt with this "bounce packet in the same network" kind of
setup, and didn't have much experience anyway. It's giving me a world
of problems.
(That's what you're trying to do, right? The intended outbound route is
Client -> Router -> OpenWrt -> Router -> Internet,
while the intended inbound route is
Internet -> Router -> OpenWrt -> Client
Is this correct?)
I tried to replicate it yesterday using virtual machines, but was
having a lot of trouble simply getting the Client -> Router -> OpenWrt
segment to work. (Which means that my packets didn't even reach Jool.)
I'm seemingly missing some key configuration, or am dealing with some
sort of Virtualbox interface bug.
Since I don't have much actual hardware within my reach right now, I
was counting on having a colleague replicate the problem in the
office. Unfortunately, I'm told he is out on vacations this week.
Now, if this is really a Virtualbox bug, it occurs to me that I still
have yet to try assembling the network with namespaces instead of
virtual machines. I'm not very optimistic about this workaround, but I
suppose it could turn out to solve everything. I'll give it a shot
tomorrow.
But I do want to let you know that *we might need to wait until next
week to see any progress*. I'm sorry.
On the other hand, I can offer releasing commit 89b3c109 as Jool 3.5.8
right away*. I don't really know how long would it take for the
OpenWrt folk to mirror it once that's done. I know that you're not
very confident about yours being the same problem as issue #267, but
"TCP Retransmissions, Out-Of-Orders and Dup ACKs" are precisely the
kind of traffic we get when offloads are not working correctly, and
that has *everything* to do with issue #267. I cannot guarantee that
it will solve the problem, but it has a pretty good chance.
* The reason why I haven't done this already is because I want to jump
straight from 3.5.7 to 3.6.0, and that takes quite a bit of extra
effort. Commit 89b3c109 is otherwise a solid release candidate.
Alberto
On Mon, Nov 19, 2018 at 1:47 PM Alberto Leiva <ydahhrk at gmail.com> wrote:
>
> Wow. It looks very straightforward. Ok, I'm testing it.
>
> (Just to confirm: Are offloads disabled?)
>
> On Sat, Nov 17, 2018 at 6:48 PM Maurice Walker <mail at maurice-walker.com> wrote:
> >
> > Hello again,
> >
> > I now installed OpenWrt + Jool on physical hardware and still see exactly the same issues. The VM's synthetic NIC doesn't seem to be the culprit here.
> > So back to the question if this might be related to the fact that I'm essentially trying to run "NAT644":
> >
> > Router:
> > WAN: Dual Stack (one public IPv4 address)
> > LAN: 2001:db8:1:1::1/64, 192.168.1.1/24
> > NAT44 from LAN to WAN
> > default routes via WAN
> > route 2001:db8:1:64::/64 via 2001:db8:1:1::64
> >
> > OpenWrt / Jool NAT64:
> > eth0: 2001:db8:1:1::64/64, 192.168.1.64/24
> > default gateways 2001:db8:1:1::1, 192.168.1.1
> > connected to LAN
> > pool6=2001:db8:1:64::/96
> > no pool4 specified
> >
> > Clients:
> > 2001:db8:1:1::x/64, default gateway 2001:db8:1:1::1, connected to LAN
> >
> > MTU is 1500 on all interfaces.
> >
> > On www.speedtest.net (which is IPv4-only), the download test works as expected (>150 Mbps), but the upload test fails (socket error).
> > This works fine when using Go6Lab's public Jool NAT64 (or native IPv4).
> >
> > Maurice
More information about the Jool-list
mailing list