[Jool-list] HELP

Alberto Leiva ydahhrk at gmail.com
Tue Apr 21 12:50:11 CDT 2020 

> 1. Right now my jool machine having same ipv6 address on its NIC card that is 2001:ab5...so first I will give it
> different one:  suppose ffe8.... something .

Yes, but you don't need to go as far as to use ffe8.
Because your pool6 prefix is 2001:ab5::/96
(2001:ab5:0000:0000:0000:0000::/96), you can use any other for your
IPv6 nodes network (for example, 2001:ab5:0000:0000:0000:0001::/96)

> 2. prefix will remain  64:ff9b::/96 at jool

If you change the prefix to ffe8:: or 2001:ab5:0:0:0:1::, you don't
need to do this.
But if you want to leave your IPv6 node with 2001:ab5::, then
pool6=64:ff9b::/96 is a good idea.

> 3. finally at IPV6 node I will add following cmd
> ip -6 route add <ffe8....//that is jool machine IPv6 address>/<prefixlength> via < 64:ff9b::/96 >

It should be the other way around

    ip -6 route add 64:ff9b::/96 via <ffe8....//that is jool machine
IPv6 address>/<prefixlength>

This command means "The 64:ff9b::/96 network can be reached via <the
translator>".

> + Also what about when packet will return from ipv4 machine ?
> as jool ipv4 address should be different from ipv4 node , also  ? same scenario as was with ipv6 network ?

Have you read this?
https://jool.mx/en/intro-xlat.html#stateful-nat64

The IPv6 nodes and the pool6 prefix are supposed to be separate networks.
But the IPv4 nodes and the pool4 addresses can be the same network.
But if they aren't, you simply need to adjust your routing to make
them reachable to each other.

On Tue, Apr 21, 2020 at 12:48 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>
> Also what about when packet will return from ipv4 machine ?
> as jool ipv4 address should be different from ipv4 node , also  ? same scenario as was with ipv6 network ?
>
> On Tue, Apr 21, 2020 at 11:15 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>
>> + Also what about when packet will return from ipv4 machine ?
>> as jool ipv4 address should be different from ipv4 node , also  ? same scenario as was with ipv6 network ?
>>
>>
>>
>>
>>
>>
>>
>> On Tue, Apr 21, 2020 at 11:07 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>>
>>> please clarify some point before I make change to my test machines if I might understand you correctly.
>>>
>>>
>>> 1. Right now my jool machine having same ipv6 address on its NIC card that is 2001:ab5...so first I will give it
>>> different one:  suppose ffe8.... something .
>>>
>>> 2. prefix will remain  64:ff9b::/96 at jool
>>>
>>>
>>> 3. finally at IPV6 node I will add following cmd
>>>
>>>   ip -6 route add <ffe8....//that is jool machine IPv6 address>/<prefixlength> via < 64:ff9b::/96 >
>>>
>>> /////////////////////////////
>>>
>>>
>>>
>>> n Tue, Apr 21, 2020 at 10:44 PM Alberto Leiva <ydahhrk at gmail.com> wrote:
>>>>
>>>> 1. You can change the jool prefix to anything, as long as the IPv6
>>>> node's own address is not inside the jool prefix
>>>> If the IPv6 node thinks it's inside the jool network, it will try to
>>>> find 2001:ab5::172.19.8.12 in its own network, fail at the neighbor
>>>> discovery step, and never send the packet to the translator.
>>>> 2. That's right. Unless you add the route `64:ff9b::/96 via
>>>> <Translator's NIC IPv6 address>` to your IPv6 node
>>>>
>>>> On Tue, Apr 21, 2020 at 12:10 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>>> >
>>>> > Yes my connectivity is like  172.19.8.12 --->>>JOOL(ip:172.19.8.60 and prefix pool6 is 2001:ab5::/96 ) ----->172.19.8.26
>>>> > my point is
>>>> > 1. should I change jool prefix to 64:ff9b::/96 ?
>>>> > *2.if I change then I will do ping6 64:ff9b::172.19.8.26 , it may cause not to transfer pkt as network is in
>>>> > 2001:ab5:: as route?
>>>> >
>>>> > On Tue, Apr 21, 2020 at 10:38 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>>> >>
>>>> >> Yes my connectivity is like  172.19.8.12 --->>>JOOL(ip:172.19.8.60 and prefix pool6 is 2001:ab5::/96 ) ----->172.19.8.26
>>>> >> my point is
>>>> >> 1. should I change jool prefix to 64:ff9b::/96 ?
>>>> >> 2.if I change then I will do ping6 64:ff9b::172.19.8.60 , it may cause not to transfer pkt as network is in
>>>> >> 2001:ab5:: as route?
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >> On Tue, Apr 21, 2020 at 10:26 PM Alberto Leiva <ydahhrk at gmail.com> wrote:
>>>> >>>
>>>> >>> Your IPv6 node thinks it's directly connected to the NAT64 network.
>>>> >>> This is incorrect; from the IPv6 node's perspective, the NAT64 network
>>>> >>> is supposed to be seen as a separate network which can be reached
>>>> >>> through the translator.
>>>> >>> For example, if your NAT64 network (pool6) is 2001:ab5::/96, then your
>>>> >>> IPv6 node's network is supposed to be something that does not equal
>>>> >>> nor contain that prefix. For example, 2001:ab5:ffff::/96, or
>>>> >>> 2001:ab5:ffff::/64.
>>>> >>>
>>>> >>> On Tue, Apr 21, 2020 at 11:49 AM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>>> >>> >
>>>> >>> > //IPV6 node/////////////////////////////////
>>>> >>> >
>>>> >>> > ip  -6 route
>>>> >>> >
>>>> >>> > 2001:ab5::/96 dev eth1 metric 1
>>>> >>> >
>>>> >>> > fe80::/64 dev eth1 proto kernel metric 256
>>>> >>> >
>>>> >>> > ff00::/8 dev eth1 metric 256
>>>> >>> >
>>>> >>> > ff00::/8 dev vip_eth metric 256
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> > ping6 2001:ab5::172.19.8.12
>>>> >>> >
>>>> >>> > PING 2001:ab5::172.19.8.12(2001:ab5::ac13:80c) 56 data bytes
>>>> >>> >
>>>> >>> > From 2001:ab5:0:1::205 icmp_seq=1 Destination unreachable: Address unreachable
>>>> >>> >
>>>> >>> > From 2001:ab5:0:1::205 icmp_seq=2 Destination unreachable: Address unreachable
>>>> >>> >
>>>> >>> > From 2001:ab5:0
>>>> >>> >
>>>> >>> > //////////jool //////////////////////////////
>>>> >>> >
>>>> >>> > joolmachine configuration is below:
>>>> >>> >
>>>> >>> > root at ruckus-OptiPlex-390:~# ifconfig
>>>> >>> >
>>>> >>> > enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>>> >>> >
>>>> >>> >         inet 169.254.121.93  netmask 255.255.0.0  broadcast 169.254.255.255
>>>> >>> >
>>>> >>> >         inet6 fe80::c9f1:a162:b3d2:dd0d  prefixlen 64  scopeid 0x20<link>
>>>> >>> >
>>>> >>> >         inet6 2001:ab5:0:1::160  prefixlen 64  scopeid 0x0<global>
>>>> >>> >
>>>> >>> >         ether 00:0a:f7:2d:67:3a  txqueuelen 1000  (Ethernet)
>>>> >>> >
>>>> >>> >         RX packets 188310  bytes 36844700 (36.8 MB)
>>>> >>> >
>>>> >>> >         RX errors 0  dropped 4019  overruns 0  frame 0
>>>> >>> >
>>>> >>> >         TX packets 721  bytes 75614 (75.6 KB)
>>>> >>> >
>>>> >>> >         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>> >>> >
>>>> >>> >         device interrupt 17
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> > enp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>>> >>> >
>>>> >>> >         inet 172.19.8.60  netmask 255.255.255.0  broadcast 172.19.8.255
>>>> >>> >
>>>> >>> >         inet6 fe80::e5b1:419e:3a28:c0c1  prefixlen 64  scopeid 0x20<link>
>>>> >>> >
>>>> >>> >         ether d0:67:e5:27:2c:f8  txqueuelen 1000  (Ethernet)
>>>> >>> >
>>>> >>> >         RX packets 2423774  bytes 1145177984 (1.1 GB)
>>>> >>> >
>>>> >>> >         RX errors 0  dropped 17073  overruns 0  frame 0
>>>> >>> >
>>>> >>> >         TX packets 3678434  bytes 2236049996 (2.2 GB)
>>>> >>> >
>>>> >>> >         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>> >>> >
>>>> >>> > //tcpdump at jool machinee////////////////////
>>>> >>> >
>>>> >>> > 23:06:34.523300 IP6 2001:db8:0:1::a55 > ff02::1:ff00:a4: ICMP6, neighbor solicitation, who has 2001:db8:0:1::a4, length 32
>>>> >>> >
>>>> >>> > 23:06:34.721460 IP6 fe80::dc1e:55ce:e8ca:a59e.53119 > ff02::c.1900: UDP, length 146
>>>> >>> >
>>>> >>> > 23:06:34.832887 IP6 2001:ab5:0:1::205 > ff02::1:ff13:80c: ICMP6, neighbor solicitation, who has 2001:ab5::ac13:80c, length 32
>>>> >>> >
>>>> >>> > 23:06:35.283935 STP 802.1w, Rapid STP, Flags [Learn, Forward], bridge-id 820e.68:9c:e2:71:94:00.8028, length 43
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> > On Tue, Apr 21, 2020 at 9:52 PM Alberto Leiva <ydahhrk at gmail.com> wrote:
>>>> >>> >>
>>>> >>> >> Looks fine.
>>>> >>> >>
>>>> >>> >> Now that I think about it, your stats are telling us that your
>>>> >>> >> translator is not actually receiving any IPv6 traffic.
>>>> >>> >> Does your IPv6 node have a route towards 2001:ab5::?
>>>> >>> >> Are you sure the IPv6 node knows to send 2001:ab5:: traffic towards
>>>> >>> >> your translator?
>>>> >>> >> What's the output of your IPv6 node's `ip -6 route`?
>>>> >>> >> Are there any routers between your IPv6 node and your translator?
>>>> >>> >>
>>>> >>> >> On Tue, Apr 21, 2020 at 10:54 AM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>>> >>> >> >
>>>> >>> >> > jool -i alpha1 pool4 display --icmp
>>>> >>> >> >
>>>> >>> >> > +------------+-------+--------------------+-----------------+-------------+
>>>> >>> >> >
>>>> >>> >> > |       Mark | Proto |     Max iterations |         Address |       Ports |
>>>> >>> >> >
>>>> >>> >> > +------------+-------+--------------------+-----------------+-------------+
>>>> >>> >> >
>>>> >>> >> > |          0 |  ICMP |       1024 ( auto) |     172.19.8.60 | 61001-65535
>>>> >>> >> >
>>>> >>> >> >
>>>> >>> >> > On Tue, Apr 21, 2020 at 9:12 PM Alberto Leiva <ydahhrk at gmail.com> wrote:
>>>> >>> >> >>
>>>> >>> >> >> > What's the output of `jool pool4 display`?
>>>> >>> >> >>
>>>> >>> >> >> Sorry, I meant `jool pool4 display --icmp`
>>>> >>> >> >>
>>>> >>> >> >> On Tue, Apr 21, 2020 at 10:37 AM Alberto Leiva <ydahhrk at gmail.com> wrote:
>>>> >>> >> >> >
>>>> >>> >> >> > > JSTAT_POOL4_MISMATCH:15
>>>> >>> >> >> >
>>>> >>> >> >> > What's the output of `jool pool4 display`?
>>>> >>> >> >> >
>>>> >>> >> >> > On Tue, Apr 21, 2020 at 9:55 AM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>>> >>> >> >> > >
>>>> >>> >> >> > > Hello Alberto,
>>>> >>> >> >> > >
>>>> >>> >> >> > > Thanks  for your reply:
>>>> >>> >> >> > >
>>>> >>> >> >> > > Below is the detail  please help:
>>>> >>> >> >> > >   1. Try "2001:ab5::172.19.8.26" instead of "2001:ab5:172.19.8.26"
>>>> >>> >> >> > >
>>>> >>> >> >> > >   2001:ab5::172.19.8.26  I tried this only it gives destination unreachable.  while ping.
>>>> >>> >> >> > >
>>>> >>> >> >> > > 2.  If you ping the jool machine's IPv6 NIC from your IPv6 machine, does it work?
>>>> >>> >> >> > >
>>>> >>> >> >> > > Yes it working .
>>>> >>> >> >> > >
>>>> >>> >> >> > > 3.  If you ping the jool machine's IPv4 NIC from your IPv4 machine, does it work?
>>>> >>> >> >> > > Yes it is also working
>>>> >>> >> >> > >  4.  What's the output of 'jool stats display'?
>>>> >>> >> >> > > JSTAT_RECEIVED4: 15
>>>> >>> >> >> > > JSTAT_POOL4_MISMATCH:15
>>>> >>> >> >> > >
>>>> >>> >> >> > > Thanks
>>>> >>> >> >> > > Kunal
>>>> >>> >> >> > >
>>>> >>> >> >> > >
>>>> >>> >> >> > > //////////////////////////////////////////////////
>>>> >>> >> >> > > On Tue, Apr 21, 2020 at 8:20 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>>> >>> >> >> > >>
>>>> >>> >> >> > >> Hello Alberto,
>>>> >>> >> >> > >>
>>>> >>> >> >> > >> Thanks  for your reply:
>>>> >>> >> >> > >>
>>>> >>> >> >> > >> Below is the detail  please help:
>>>> >>> >> >> > >>   1. Try "2001:ab5::172.19.8.26" instead of "2001:ab5:172.19.8.26"
>>>> >>> >> >> > >>
>>>> >>> >> >> > >>   2001:ab5::172.19.8.26  I tried this only it gives destination unreachable.
>>>> >>> >> >> > >>
>>>> >>> >> >> > >> 2.  If you ping the jool machine's IPv6 NIC from your IPv6 machine, does it work?
>>>> >>> >> >> > >>
>>>> >>> >> >> > >>
>>>> >>> >> >> > >>
>>>> >>> >> >> > >> If you ping the jool machine's IPv4 NIC from your IPv4 machine, does it work?
>>>> >>> >> >> > >>
>>>> >>> >> >> > >>
>>>> >>> >> >> > >> On Tue, Apr 21, 2020 at 7:39 PM Alberto Leiva <ydahhrk at gmail.com> wrote:
>>>> >>> >> >> > >>>
>>>> >>> >> >> > >>> > test: I am trying to ping 2001:ab5:172.19.8.26 from ipv6 machine
>>>> >>> >> >> > >>>
>>>> >>> >> >> > >>> Try "2001:ab5::172.19.8.26" instead of "2001:ab5:172.19.8.26".
>>>> >>> >> >> > >>> What's the output of ping?
>>>> >>> >> >> > >>> If you ping the jool machine's IPv6 NIC from your IPv6 machine, does it work?
>>>> >>> >> >> > >>> If you ping the jool machine's IPv4 NIC from your IPv4 machine, does it work?
>>>> >>> >> >> > >>> What's the output of 'jool stats display'?
>>>> >>> >> >> > >>>
>>>> >>> >> >> > >>> On Tue, Apr 21, 2020 at 6:24 AM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > Hi Team
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > I need help to configure my jool machine
>>>> >>> >> >> > >>> > I have a jool machine with 2 NIC card ,
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > I configure as per jool documentation method I follow is iptable.
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > 1. created instance
>>>> >>> >> >> > >>> > 2. creat pool6 as prefix 2001:ab5::/96 as my ip6 machine or network is in that prefix or address
>>>> >>> >> >> > >>> > 3. created a poolv4 as 172.19.8.60 //this my jool machine ip
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > test: I am trying to ping 2001:ab5:172.19.8.26 from ipv6 machine
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > please HEPL
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > --
>>>> >>> >> >> > >>> > Thanks with Regards!
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > Kunal Chauhan
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > Mob:08860397903
>>>> >>> >> >> > >>> > E-mail:atkunalchauhan at gmail.com
>>>> >>> >> >> > >>> >
>>>> >>> >> >> > >>> > _______________________________________________
>>>> >>> >> >> > >>> > Jool-list mailing list
>>>> >>> >> >> > >>> > Jool-list at nic.mx
>>>> >>> >> >> > >>> > https://mail-lists.nic.mx/listas/listinfo/jool-list
>>>> >>> >> >> > >>
>>>> >>> >> >> > >>
>>>> >>> >> >> > >>
>>>> >>> >> >> > >> --
>>>> >>> >> >> > >> Thanks with Regards!
>>>> >>> >> >> > >>
>>>> >>> >> >> > >> Kunal Chauhan
>>>> >>> >> >> > >> Mob:09813614826
>>>> >>> >> >> > >> Mob:08860397903
>>>> >>> >> >> > >> E-mail:atkunalchauhan at gmail.com
>>>> >>> >> >> > >>
>>>> >>> >> >> > >
>>>> >>> >> >> > >
>>>> >>> >> >> > > --
>>>> >>> >> >> > > Thanks with Regards!
>>>> >>> >> >> > >
>>>> >>> >> >> > > Kunal Chauhan
>>>> >>> >> >> > > Mob:09813614826
>>>> >>> >> >> > > Mob:08860397903
>>>> >>> >> >> > > E-mail:atkunalchauhan at gmail.com
>>>> >>> >> >> > >
>>>> >>> >> >
>>>> >>> >> >
>>>> >>> >> >
>>>> >>> >> > --
>>>> >>> >> > Thanks with Regards!
>>>> >>> >> >
>>>> >>> >> > Kunal Chauhan
>>>> >>> >> > Mob:09813614826
>>>> >>> >> > Mob:08860397903
>>>> >>> >> > E-mail:atkunalchauhan at gmail.com
>>>> >>> >> >
>>>> >>> >
>>>> >>> >
>>>> >>> >
>>>> >>> > --
>>>> >>> > Thanks with Regards!
>>>> >>> >
>>>> >>> > Kunal Chauhan
>>>> >>> > Mob:09813614826
>>>> >>> > Mob:08860397903
>>>> >>> > E-mail:atkunalchauhan at gmail.com
>>>> >>> >
>>>> >>
>>>> >>
>>>> >>
>>>> >> --
>>>> >> Thanks with Regards!
>>>> >>
>>>> >> Kunal Chauhan
>>>> >> Mob:09813614826
>>>> >> Mob:08860397903
>>>> >> E-mail:atkunalchauhan at gmail.com
>>>> >>
>>>> >
>>>> >
>>>> > --
>>>> > Thanks with Regards!
>>>> >
>>>> > Kunal Chauhan
>>>> > Mob:09813614826
>>>> > Mob:08860397903
>>>> > E-mail:atkunalchauhan at gmail.com
>>>> >
>>>
>>>
>>>
>>> --
>>> Thanks with Regards!
>>>
>>> Kunal Chauhan
>>> Mob:09813614826
>>> Mob:08860397903
>>> E-mail:atkunalchauhan at gmail.com
>>>
>>
>>
>> --
>> Thanks with Regards!
>>
>> Kunal Chauhan
>> Mob:09813614826
>> Mob:08860397903
>> E-mail:atkunalchauhan at gmail.com
>>
>
>
> --
> Thanks with Regards!
>
> Kunal Chauhan
> Mob:09813614826
> Mob:08860397903
> E-mail:atkunalchauhan at gmail.com
>

More information about the Jool-list mailing list