[Jool-list] Proxy DNP with Jool?

Alberto Leiva ydahhrk at gmail.com
Tue Oct 26 15:29:15 CDT 2021 

> is it possible to get Jool to answer IPv6 Neighbor Solicitations for the entire block?

No, unless Linux can do it.

> I would like the gateway to answer neighbor solicitations for all 2^32 potential addresses in the pool.

Ok, just curious: Why do you need this?

A Stateful NAT64 is like a Stateful NAT. Do NATs typically respond to
network solicitations for the entire Internet outside?

> If not, where in the code might I start looking to add it?

Well, this is the function that gets called every time an IPv4 packet
reaches Jool via Netfilter: [0]
And this is the IPv6 counterpart: [1]

You would probably be forced to use Netfilter, because iptables would
filter the neighbor solicitation packets out.

You'd have to analyze the packets, see if they're neighbor
solicitations, and if so, cancel the translation, fetching your own
response packet.

But are you sure you don't just want to route those packets normally?
64:ff9b::/96 is just a network.

[0] https://github.com/NICMx/Jool/blob/master/src/mod/common/kernel_hook_netfilter.c#L85
[1] https://github.com/NICMx/Jool/blob/master/src/mod/common/kernel_hook_netfilter.c#L58

On Tue, Oct 26, 2021 at 1:19 PM Art Cancro via Jool-list
<jool-list at nic.mx> wrote:
>
> Hello again fellow Joolers  :)
>
> Thanks to this excellent software, I am currently deploying NAT64 at scale across a medium size service provider.
>
> Right now, we have things set up so that we route an assigned /96 block to the NAT64 gateway.  Now, I am wondering, is it possible to get Jool to answer IPv6 Neighbor Solicitations for the entire block?
>
> Obviously we can do "ip neigh add proxy xxxx::xxxx dev eth0" for *individual* hosts, but I would like the gateway to answer neighbor solicitations for all 2^32 potential addresses in the pool.   Does Jool offer any provision for doing something like this?  If not, where in the code might I start looking to add it?
>
> -- Art
>
> _______________________________________________
> Jool-list mailing list
> Jool-list at nic.mx
> https://mail-lists.nic.mx/listas/listinfo/jool-list

More information about the Jool-list mailing list