[Jool-list] Trying to route local traffic via SIIT instance

Alberto Leiva ydahhrk at gmail.com
Mon Jul 6 17:39:54 CDT 2020 

> I think that this (Jool in private network namespace) just needs a slightly
> better documented set of examples.   Maybe some python that knows how to do all the
> right system calls directly.

Hmm. Is this what you asked for?

(I just copied https://github.com/NICMx/Jool/issues/177#issuecomment-144648229
into a python script. It's SIIT rather than NAT64, but the intent
should be clear)

On Mon, Jul 6, 2020 at 3:41 PM Alberto Leiva <ydahhrk at gmail.com> wrote:
>
> > (I still haven't been able to get Jool in netfilter mode to work so that
> > I can split traffic according to IPv6 origin between instances.
> > So I use the iptables method for now)
>
> Solution attached.
> Note that I cheated and used iptables for a simple nat, but you should
> be able to easily replace it with an nftables NAT if you want.
>
> Still working on the python script.
>
> On Thu, Jul 2, 2020 at 1:45 PM Michael Richardson <mcr+ietf at sandelman.ca> wrote:
> >
> >
> > Alberto Leiva <ydahhrk at gmail.com> wrote:
> >     >> I think that this (Jool in private network namespace) just needs a slightly
> >     >> better documented set of examples.   Maybe some python that knows how to do all the
> >     >> right system calls directly.
> >
> >     > Ok, I can give it a shot. (Just let me finish the 4.1.1 release
> >     > first.) Which would you prefer: SIIT or NAT64?
> >
> > My usual interest is in NAT64.
> >
> >     >> (I still haven't been able to get Jool in netfilter mode to work so that
> >     >> I can split traffic according to IPv6 origin between instances.
> >     >> So I use the iptables method for now)
> >
> >     > Same question: SIIT or NAT64?
> >
> > NAT64.
> > I find I'm always confused about the different SIIT uses, we need new names :-)
> >
> > I care most about DC:SIIT, where I want to expose a single IPv4 address
> > for v4-only clients, so that they can reach IPv6 hosted server(s).
> > I think we can do this, but I admit that I haven't tried.
> >
> > --
> > Michael Richardson <mcr+IETF at sandelman.ca>, Sandelman Software Works
> >  -= IPv6 IoT consulting =-
> >
> >
> >
-------------- next part --------------
A non-text attachment was scrubbed...
Name: script.py
Type: text/x-python
Size: 2083 bytes
Desc: not available
URL: <http://mail-lists.nic.mx/pipermail/jool-list/attachments/20200706/ba455f8c/attachment.py>

More information about the Jool-list mailing list