Actions
Task #7377
closedCreate an active-active NAT64 gateway
Start date:
11/29/2019
Due date:
% Done:
0%
Estimated time:
PM Check date:
Description
- session sync & co.
- I'd recommend jool + joold, but open to options
Updated by Nico Schottelius almost 5 years ago
I'll try some joold magic today
apk add jool-modules-vanilla jool-tools-openrc jool-tools
[14:06] replacement-router2.place5:~# cat joold.conf
{
"multicast address": "ff08::db8:64:64",
"multicast port": "6464",
"in interface": "bond0.8",
"out interface": "bond0.8",
"reuseaddr": 1,
"ttl": 3
}
[14:06] replacement-router2.place5:~# joold joold.conf
joold error: -3
Same error with
{
"multicast address": "ff08::db8:64:64",
"multicast port": "6464",
"reuseaddr": 1,
"ttl": 3
}
Error -2 w/ different multicast address
[14:10] replacement-router2.place5:~# joold /root/joold.conf
joold error: -2
[14:10] replacement-router2.place5:~# cat /root/joold.conf
{
"multicast address": "FF02::DB8::1",
"multicast port": "6464",
"reuseaddr": 1,
"ttl": 3
}
Minimal config:
[14:10] replacement-router2.place5:~# joold /root/joold.conf
joold error: -2
[14:11] replacement-router2.place5:~# cat /root/joold.conf
{
"multicast address": "FF02::DB8::1",
"multicast port": "6464"
}
[14:11] replacement-router2.place5:~#
Filename seems to be right / consistent error
[14:33] replacement-router2.place5:~# joold
joold error: -2
[14:33] replacement-router2.place5:~# cat netsocket.json
{
"multicast address": "FF02::DB8::1",
"multicast port": "6464"
}
strace:
sendto(3, "<30>Nov 30 13:34:21 joold: Openi"..., 58, 0, NULL, 0) = 58
open("netsocket.json", O_RDONLY) = 4
lseek(4, 0, SEEK_END) = 68
lseek(4, 0, SEEK_CUR) = 68
lseek(4, 0, SEEK_SET) = 0
readv(4, [{iov_base="{\n\t\"multicast address\": \"FF02::D"..., iov_len=67}, {iov_base="\n", iov_len=1024}], 2) = 68
close(4) = 0
sendto(3, "<30>Nov 30 13:34:21 joold: Getti"..., 72, 0, NULL, 0) = 72
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 4
fcntl(4, F_SETFD, FD_CLOEXEC) = 0
read(4, "127.0.0.1\trouter4 localhost.loca"..., 1024) = 87
read(4, "", 1024) = 0
close(4) = 0
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4
fcntl(4, F_SETFD, FD_CLOEXEC) = 0
read(4, "# Generated by cdist with a good"..., 248) = 115
read(4, "", 248) = 0
close(4) = 0
socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 4
bind(4, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
setsockopt(4, SOL_IPV6, IPV6_V6ONLY, [0], 4) = -1 EINVAL (Invalid argument)
sendto(4, "\227\260\1\0\0\1\0\0\0\0\0\0\fFF02::DB8::1\6place5"..., 49, MSG_NOSIGNAL, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::3", &sin6_addr), sin6_scope_id=0}, 28) = 49
sendto(4, "\227\260\1\0\0\1\0\0\0\0\0\0\fFF02::DB8::1\6place5"..., 49, MSG_NOSIGNAL, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::4", &sin6_addr), sin6_scope_id=0}, 28) = 49
sendto(4, "\231\2\1\0\0\1\0\0\0\0\0\0\fFF02::DB8::1\6place5"..., 49, MSG_NOSIGNAL, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::3", &sin6_addr), sin6_scope_id=0}, 28) = 49
sendto(4, "\231\2\1\0\0\1\0\0\0\0\0\0\fFF02::DB8::1\6place5"..., 49, MSG_NOSIGNAL, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::4", &sin6_addr), sin6_scope_id=0}, 28) = 49
poll([{fd=4, events=POLLIN}], 1, 2500) = 1 ([{fd=4, revents=POLLIN}])
recvfrom(4, "\227\260\205\203\0\1\0\0\0\1\0\0\fFF02::DB8::1\6place5"..., 512, 0, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::3", &sin6_addr), sin6_scope_id=0}, [28]) = 95
recvfrom(4, 0x7ffc3b6de6a0, 512, 0, 0x7ffc3b6de150, [28]) = -1 EAGAIN (Resource temporarily unavailable)
poll([{fd=4, events=POLLIN}], 1, 2499) = 1 ([{fd=4, revents=POLLIN}])
recvfrom(4, "\231\2\205\203\0\1\0\0\0\1\0\0\fFF02::DB8::1\6place5"..., 512, 0, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::3", &sin6_addr), sin6_scope_id=0}, [28]) = 95
close(4) = 0
socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 4
bind(4, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
setsockopt(4, SOL_IPV6, IPV6_V6ONLY, [0], 4) = -1 EINVAL (Invalid argument)
sendto(4, "\366\t\1\0\0\1\0\0\0\0\0\0\fFF02::DB8::1\0\0\1\0\1", 30, MSG_NOSIGNAL, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::3", &sin6_addr), sin6_scope_id=0}, 28) = 30
sendto(4, "\366\t\1\0\0\1\0\0\0\0\0\0\fFF02::DB8::1\0\0\1\0\1", 30, MSG_NOSIGNAL, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::4", &sin6_addr), sin6_scope_id=0}, 28) = 30
sendto(4, "\366\366\1\0\0\1\0\0\0\0\0\0\fFF02::DB8::1\0\0\34\0\1", 30, MSG_NOSIGNAL, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::3", &sin6_addr), sin6_scope_id=0}, 28) = 30
sendto(4, "\366\366\1\0\0\1\0\0\0\0\0\0\fFF02::DB8::1\0\0\34\0\1", 30, MSG_NOSIGNAL, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::4", &sin6_addr), sin6_scope_id=0}, 28) = 30
poll([{fd=4, events=POLLIN}], 1, 2500) = 1 ([{fd=4, revents=POLLIN}])
recvfrom(4, "\366\t\201\203\0\1\0\0\0\1\0\0\fFF02::DB8::1\0\0\1\0\1\0\0"..., 512, 0, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::3", &sin6_addr), sin6_scope_id=0}, [28]) = 105
recvfrom(4, "\366\366\201\203\0\1\0\0\0\1\0\0\fFF02::DB8::1\0\0\34\0\1\0\0"..., 512, 0, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2a0a:e5c0::3", &sin6_addr), sin6_scope_id=0}, [28]) = 105
close(4) = 0
sendto(3, "<27>Nov 30 13:34:21 joold: getad"..., 71, 0, NULL, 0) = 71
close(3) = 0
writev(2, [{iov_base="joold error: -2\n", iov_len=16}, {iov_base=NULL, iov_len=0}], 2joold error: -2
) = 16
exit_group(-2) = ?
+++ exited with 254 +++
Updated by Nico Schottelius almost 5 years ago
- Project changed from hack4glarus-2019-winter to Open Infrastructure
- Subject changed from Create an active-active NAT64 gateway on 2 APUs to Create an active-active NAT64 gateway
- Status changed from New to In Progress
- Assignee changed from Kamila Součková to Nico Schottelius
alpine-router1:~# jool instance remove example alpine-router1:~# jool instance add default --netfilter --pool6 64:ff9b::/96 alpine-router1:~# jool pool4 add --tcp 185.203.114.5 1-65534
Updated by Nico Schottelius almost 5 years ago
Need to add pool entries for each protocol:
alpine-router1:~# jool pool4 add --icmp 185.203.114.5 1-65534 alpine-router1:~# jool pool4 add --udp 185.203.114.5 1-65534
Updated by Nico Schottelius almost 5 years ago
Using the new NAT64 IPv4 address on both machines:
alpine-router2:~# ip addr add 185.203.114.5/24 dev eth0
Updated by Nico Schottelius almost 5 years ago
Session exist on one router, session does not exist on other one -> multicast issue?
alpine-router1:~# jool session display --------------------------------- (V6_INIT) Expires in 0:03:39.550 Remote: 185-203-114-5.legacy.ipv4.at.ungleich.ch#ssh 2a0a-e5c0-0000-0002-0000-b3ff-fe39-7976.loves.ipv6.at.ungleich.ch#42766 Local: 185.203.114.5#13444 64:ff9b::b9cb:7205#22 --------------------------------- (V6_INIT) Expires in 0:03:51.790 Remote: 185-203-114-5.legacy.ipv4.at.ungleich.ch#ssh 2a0a-e5c0-0000-0002-0000-b3ff-fe39-7976.loves.ipv6.at.ungleich.ch#42768 Local: 185.203.114.5#13445 64:ff9b::b9cb:7205#22 --------------------------------- (V6_INIT) Expires in 0:03:59.950 Remote: 185-203-114-5.legacy.ipv4.at.ungleich.ch#ssh 2a0a-e5c0-0000-0002-0000-b3ff-fe39-7976.loves.ipv6.at.ungleich.ch#42770 Local: 185.203.114.5#13446 64:ff9b::b9cb:7205#22 --------------------------------- alpine-router1:~# --------------------------------- alpine-router2:~# jool session display --------------------------------- alpine-router2:~#
According to alpine-router1:/etc/jool# tcpdump -ni any port 6464 it looks like as if there is no traffic sent
Updated by Nico Schottelius almost 5 years ago
- Status changed from In Progress to Rejected
Going active-passive.
Actions