[Jool-list] HINT: Jool capability

Alberto Leiva ydahhrk at gmail.com
Tue May 19 10:59:34 CDT 2020 

pool4 is not the addresses of the remote node.
pool4 is the addresses you want jool to mask packets with.

Suppose you have the following network:

node A  ------           Jool            -------------- node B
1234::6          1234::1 | 1.2.3.1                     1.2.3.4

And suppose Jool's pool6 is 64::/96, and its pool4 is 1.2.3.1 with
ports 100-200:

Node A wants to access an HTTP server in node B, so it writes the
following packet:

    [1234::6]:4321 -> [64::1.2.3.4]:80

Where 4321 was a port assigned randomly.

Jool translates that into the following packet:

    1.2.3.1:150 -> 1.2.3.4:80

pool4 was what it used to decide the source address. It wouldn't have
chosen, for example, 1.2.3.1:1000, because that's not in pool4. The
150 was chosen randomly, but only from the range 100-200.

The destination address (1.2.3.4:80) is computed entirely from
[64::1.2.3.4]:80. pool4 has nothing to do with it.

On Mon, May 18, 2020 at 8:20 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>
> alberto,
>
> Regarding pool4 modification:
>
> IF jool machine is able to ping to 104.x.x.x then ,Should pool4 should be modify?
>
> as current pool4 showed entry like 172.x.x.x
>
> pool4 may have multiple entry of different class of IP. ?
>
>
>
> On Tue, May 19, 2020 at 12:40 AM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>>
>> Alberto,
>>
>> Thanking you very much.
>>  I will take your advice as valuable feed back and  troublshoot for the same that is my job.
>>
>>
>>
>> On 19 May 2020 12:36 a.m., "Alberto Leiva" <ydahhrk at gmail.com> wrote:
>>
>> Ok, then you'll have to fix those problems before worrying about A.
>> You can't expect A to reach B through J if J itself can't reach B.
>> This is probably a routing problem, and it definitely doesn't have
>> anything to do with IP translation.
>> I'm sorry, but it's not my job to help you troubleshoot this problem.
>>
>> On Mon, May 18, 2020 at 1:54 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>> >
>> > Alberto,
>> >
>> > Quoting below point:
>> >
>> > 2.1. If you ping 104.x.x.x from Jool, does it work?
>> > 2.2. If you ping ::ffff:68c6:b6f7 from Jool, does it work?
>> >
>> > >>>2.1  jool machine is not able to ping to 104.x.x.x
>> >
>> > >>> 2.2 this is also not working
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > On 19 May 2020 12:13 a.m., "Alberto Leiva" <ydahhrk at gmail.com> wrote:
>> >
>> > > 1. Node B is not under my control i know its ipv4 addres only. Like 104.x.x.x
>> >
>> > 1.1. Then what is the problem with "ping6 2001:ab5::104.X.X.X"?
>> >
>> > > 2. Node A and jool machine are in my internal network as range for ipv4 is 172.x.x.x and ipv6 is 2001:xxxx....
>> >
>> > 2.1. If you ping 104.x.x.x from Jool, does it work?
>> > 2.2. If you ping ::ffff:68c6:b6f7 from Jool, does it work?
>> >
>> > On Mon, May 18, 2020 at 1:35 PM Kunal Chauhan <atkunalchauhan at gmail.com> wrote:
>> > >
>> > > Alberto,
>> > >
>> > > Actually i might have missed to explain below points for latest scenerio.
>> > >
>> > > 1. Node B is not under my control i know its ipv4 addres only. Like 104.x.x.x
>> > >
>> > > So i can not add any thing at node B side
>> > >
>> > > 2. Node A and jool machine are in my internal network as range for ipv4 is 172.x.x.x and ipv6 is 2001:xxxx....
>> > >
>> > > On 18 May 2020 11:47 p.m., "Alberto Leiva" <ydahhrk at gmail.com> wrote:
>> > >>
>> > >> Ok, then enable IPv6 forwarding in Jool if you haven't already:
>> > >>
>> > >>     kunal at JOOL:~# sysctl -w net.ipv6.conf.all.forwarding=1
>> > >>
>> > >> And make sure A and B can reach each other through Jool's machine. For example:
>> > >>
>> > >>     kunal at A:~# ip route add ::ffff:68c6:b6f7 via <Jool machine's
>> > >> A-facing IPv6 address>
>> > >>
>> > >> ---
>> > >>
>> > >>     kunal at B:~# ip route add 2001:ab5:0:1::/64 via <Jool machine's
>> > >> B-facing IPv6 address>
>> > >>
>> > >> Then, do the ping:
>> > >>
>> > >>     kunal at A:~# ping6 ::ffff:68c6:b6f7
>> > >>
>> > >> Which should create the following packet flow:
>> > >>
>> > >> 1. A sends ping request "2001:ab5:0:1::x -> ::ffff:68c6:b6f7"
>> > >> 2. Jool does not translate that packet, but its Linux host instead
>> > >> routes it normally towards B.
>> > >> 3. B replies "::ffff:68c6:b6f7 -> 2001:ab5:0:1::x"
>> > >> 4. Jool does not translate that packet, but its Linux host instead
>> > >> routes it normally towards A.
>> > >> 5. A receives the reply.
>> >
>> >
>>
>>
>
>
> --
> Thanks with Regards!
>
> Kunal Chauhan
> Mob:09813614826
> Mob:08860397903
> E-mail:atkunalchauhan at gmail.com
>

More information about the Jool-list mailing list