rfc2765 part2

After getting it running today after some sleep, just missing the backroute, now the next step: a setup with 2 translators, establishing connectivity between 2 v4 systems over a ipv6 network.

src:

  • 192.168.11.1/24 connected to trans1, defaultgateway to trans1

trans1:

  • interface test: 192.168.11.2
  • interface lan: 192.168.12.1/24, not used in this test
  • interface lan:fdca:ffee:babe:46::1/64 an ULA address.
  • interface lan: route to ::ffff:ffff:192.168.15.0/120 via trans2 (linklayer address)
  • interface siit0: 169.254.42.42/16 (dummy ipv4 address)
  • interface siit0: “route add default dev siit0” all ipv4 trash goes into translation, if not getting better route to any interface.
  • “route add -A inet6 ::ffff:ffff:0:0/96 dev siit0” to push any to be translated traffic into the translator.

trans2:

  • interface test: 192.168.12.2/24 (not used in this test)
  • interface test: fdca:ffee:babe:46::2/64
  • interface test: route to ::ffff:ffff:192.168.11.0/120 via trans1 (linklayer address)
  • interface lan: 192.168.15.1/24
  • interface siit0: 169.254.42.42/16 (also dummy)
  • interface siit0: “route add default dev siit0” again
  • “route add -A inet6 ::ffff:ffff:0:0/96 dev siit0” again.

dest:

  • 192.168.15.2/24, connected to interface lan of trans2

/etc/init.d/firewall disable on trans1 and trans2

i left the wanports attached to my normal lan at home to be able to telnet onto the boxes, but i removed the default gateway for the wan port.

i had to change the ::ffff:ffff -> ::ffff:0000 translating behavior to plain ::ffff:ffff -> ffff:ffff by changing TRANSLATED_PREFIX into 0xffffffff in siit.h, otherwise the way back into the v4 world would not work.

setup:

src and target are easy, configuration is left to the reader.

trans1 and trans2 are using firmware image with the siit kernel package in packages and this as .config. luci and packages are enabled in feeds.conf, x-wrt not.

trans1 uses following tarball as configuration, files go into /etc/config and set_stuff_trans1.sh to configure things luci cannot configure right now (or i am too dumb to figure it out).

trans2 the same: tarball and setstuff.

important: the linklayer address in set_stuff_* has to be changed to reflect the linklayeraddress of the neighbour, as they are lladdr dependent.

when done right, src should be able to ping target, tcpdump on the ipv6 network should show translated ip packets.

root@target:/# ping 192.168.15.169
PING 192.168.15.169 (192.168.15.169): 56 data bytes
64 bytes from 192.168.15.169: seq=0 ttl=60 time=4.165 ms
64 bytes from 192.168.15.169: seq=1 ttl=60 time=3.113 ms

--- 192.168.15.169 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 3.113/3.639/4.165 ms

and

root@trans1:~# tcpdump -n -i eth0.0 not port 698
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0.0, link-type EN10MB (Ethernet), capture size 96 bytes
00:54:51.064695 IP6 ::ffff:ffff:c0a8:b01 > ::ffff:ffff:c0a8:fa9: ICMP6, echo request, seq 0, length 64
00:54:51.067329 IP6 ::ffff:ffff:c0a8:fa9 > ::ffff:ffff:c0a8:b01: frag (0|64) ICMP6, echo reply, seq 0, length 64
00:54:52.061440 IP6 ::ffff:ffff:c0a8:b01 > ::ffff:ffff:c0a8:fa9: ICMP6, echo request, seq 1, length 64
00:54:52.063117 IP6 ::ffff:ffff:c0a8:fa9 > ::ffff:ffff:c0a8:b01: frag (0|64) ICMP6, echo reply, seq 1, length 64
00:54:56.059208 IP6 fe80::216:1ff:feaf:c520 > fdca:ffee:babe:46::1: ICMP6, neighbor solicitation, who has fdca:ffee:babe:46::1, length 32
00:54:56.059376 IP6 fdca:ffee:babe:46::1 > fe80::216:1ff:feaf:c520: ICMP6, neighbor advertisement, tgt is fdca:ffee:babe:46::1, length 32
00:54:56.060094 IP6 fe80::216:1ff:feaf:a6d4 > fdca:ffee:babe:46::2: ICMP6, neighbor solicitation, who has fdca:ffee:babe:46::2, length 32
00:54:56.060427 IP6 fdca:ffee:babe:46::2 > fe80::216:1ff:feaf:a6d4: ICMP6, neighbor advertisement, tgt is fdca:ffee:babe:46::2, length 32

8 packets captured
8 packets received by filter
0 packets dropped by kernel
root@trans1:~#
This entry was posted in freifunk, miscellaneous, network, software and tagged , , , . Bookmark the permalink.

2 Responses to rfc2765 part2

  1. jow says:

    Until LuCI gains support for static v6 routes, you can use this uci replacement of set_stuff_trans1.sh in /etc/config/network: http://luci.pastebin.com/fb2a48b

  2. Pingback: freifunk@k:ita » rfc2765 part3

Comments are closed.