[Jool-list] HINT: Jool capability

Kunal Chauhan atkunalchauhan at gmail.com
Mon May 18 13:00:14 CDT 2020 

Alberto,

Your assumptions are right.

Quoting below point

How about this: Instead of pinging "::ffff:68c6:b6f7", try pinging
"2001:ab5::104.X.X.X":

Ans : actually I must have to ping "::ffff:68c6:b6f7   because this address
can not change  , it is conversion of ipv4 address node which is fixed.

Please suggest.

Br
Kunal







On 18 May 2020 11:11 p.m., "Alberto Leiva" <ydahhrk at gmail.com> wrote:

Kunal:

I'll tell you what I think is happening, and why I think it doesn't
work. But you'll have to review the steps because I'm making some
assumptions.

> Network scenario is:
> 1. Node A [172.19.8.x (IPv6 IP: 2001:ab5:0:1::x)]-->  JOOL  --> Node B[
IP 172.19.8.x (IP converted to v6 format: 2001:ab5::ac13:x)]
> is working fine

I'm going to make some changes to this. This is what I think you meant:

> Network scenario is:
> 1. Node A [IPv6 IP: 2001:ab5:0:1::x] --> JOOL --> Node B [IP 172.19.8.y
(IP converted to v6 format: 2001:ab5::ac13:080y)]
> is working fine

(Notice B's address change from x to y. I don't think there's a reason
why you would need to enforce same suffix on both A and B.)

When you say "working fine," I'm assuming that you are referring to a
ping from A to B. Like this:

    kunal at A$ ping 2001:ab5::ac13:080y

That would create the following packet flow:

1. A sends ping request "2001:ab5:0:1::x -> 2001:ab5::ac13:080y"
2. Jool translates that packet into "172.19.8.z -> 172.19.8.y"
3. B replies "172.19.8.y -> 172.19.8.z"
4. Jool translates that packet into "2001:ab5::ac13:080y -> 2001:ab5:0:1::x"

Which is OK.

> but below case is not working
> Node A[172.19.8.x(2001:ab5:0:1::x/64)] ----->JOOL---->Node B [IP
104.X.X.X(0:0:0:0:0:ffff:68c6:b6f7)]

I don't understand where "::ffff:68c6:b6f7" came from, but I think
you're attempting the following ping:

    A$ ping 0:0:0:0:0:ffff:68c6:b6f7

That would create the following packet flow:

1. A sends ping request "2001:ab5:0:1::x -> ::ffff:68c6:b6f7"
2. Jool does not receive the packet, because its ip6tables rule is not
configured to catch packets whose destination is "::ffff:68c6:b6f7":

> 1. ip6tables -t mangle -L PREROUTING
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> JOOL       all      anywhere             2001:ab5::/96
instance:alpha1

It is only interested in catching packets that are sent towards the
"2001:ab5::/96" network.

How about this: Instead of pinging "::ffff:68c6:b6f7", try pinging
"2001:ab5::104.X.X.X":

    kunal at A$ ping 2001:ab5::104.X.X.X

Assuming Jool's IPv4 address (172.19.8.z) is public, that should work.

On Mon, May 18, 2020 at 10:30 AM Kunal Chauhan <atkunalchauhan at gmail.com>
wrote:
>
> Network scenario is:
> 1. Node A [172.19.8.x (IPv6 IP: 2001:ab5:0:1::x)]-->  JOOL  --> Node B[
IP 172.19.8.x (IP converted to v6 format: 2001:ab5::ac13:x)]
> is working fine
>
> but below case is not working
>
> Node A[172.19.8.x(2001:ab5:0:1::x/64)] ----->JOOL---->Node B [IP
104.X.X.X(0:0:0:0:0:ffff:68c6:b6f7)]
>
> my jool configuration is as:
>
> 1. ip6tables -t mangle -L PREROUTING
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
>
> JOOL       all      anywhere             2001:ab5::/96
instance:alpha1
>
> 2. jool -i alpha1  pool4 display --icmp
> +------------+-------+--------------------+-----------------
+-------------+
> |       Mark | Proto |     Max iterations |         Address |       Ports
|
> +------------+-------+--------------------+-----------------
+-------------+
> |          0 |  ICMP |       1024 ( auto) |     172.19.8.x | 61001-65535 |
>
> 3. jool instance add alpha1 --iptables --pool6 2001:ab5::/96
>
> br,
> kunal
>
> On Mon, May 18, 2020 at 7:42 PM Tore Anderson <tore at fud.no> wrote:
>>
>> * Kunal Chauhan
>>
>> > Q:is It possible that jool can convert or able to ping to different
IPv6 network.?
>> >
>> > _point is_
>> >
>> > Details is NODE A IPv6 ----->JOOL------> NODE B IPV6(different ipv6
class than NODE A)
>> >
>> > Q is there is role of instance?
>>
>> It seems to me like you are describing a regular IPv6 router?
>>
>> If so, that is not something you'd use Jool for. A vanilla Linux kernel
can do that just fine.
>>
>> What do you mean by «different IPv6 class», though? What is an «IPv6
class»?
>>
>> Tore
>
>
>
> --
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail-lists.nic.mx/pipermail/jool-list/attachments/20200518/fc69e01c/attachment.htm>

More information about the Jool-list mailing list