[Jool-list] netfilter mode question or bug
Fatih USTA
fatihusta86 at gmail.com
Thu Dec 19 04:54:02 CST 2019
Hi
I'm following this(https://www.jool.mx/en/run-vanilla.html) guide.
IPTables mode working, but netfilter mode doesn't work. What am I
missing? or is this a bug?
jool_siit -V
4.0.6.2 i386
ip{6}tables -V
v1.6.0 i386
uname -rm
3.16.76-4.custom x86_64
PC1[eth0] <=>[eth1]Tranlator[eth2]<=>[eth0]PC2
#PC1
ip addr add 10.200.200.220/23 dev eth0
ip route add 10.100.100.0/24 via 10.200.200.16
#Translator
ip addr add 10.200.200.16/23 dev eth1
ip addr add 2001:db8:a::10.100.100.2/120 dev eth2
sysctl -w net.ipv4.conf.all.forwarding=1
sysctl -w net.ipv6.conf.all.forwarding=1
ethtool --offload eth1 gro off
ethtool --offload eth2 gro off
lro already fixed off by kernel.
jool_siit instance add default --netfilter --pool6 2001:db8:a::/96
#PC2
ip add add 2001:db8:a::10.100.100.11/120 dev eth0
ip route add 2001:db8:a::10.200.200.0/119 via 2001:db8:a::10.100.100.2
#Result of netfilter (on Translator)
PC1>PC2
12:44:12.234494 IP 10.200.200.220 > 10.100.100.11: ICMP echo request, id
9806, seq 1, length 64
12:44:12.234647 IP 10.200.200.16 > 10.200.200.220: ICMP net
10.100.100.11 unreachable, length 92
12:44:13.255748 IP 10.200.200.220 > 10.100.100.11: ICMP echo request, id
9806, seq 2, length 64
12:44:13.255825 IP 10.200.200.16 > 10.200.200.220: ICMP net
10.100.100.11 unreachable, length 92
12:44:14.279628 IP 10.200.200.220 > 10.100.100.11: ICMP echo request, id
9806, seq 3, length 64
12:44:14.279704 IP 10.200.200.16 > 10.200.200.220: ICMP net
10.100.100.11 unreachable, length 92
-- Fatih USTA
More information about the Jool-list
mailing list