FS#472 - 6to4 support with 1:1 nat #5501
Comments
bolvan: Attached patch file
jow-: I do not understand your patch. All it does is make 6in4 fail when it finds no wan ip even if the user specified an ip in the configuration. It does not change anything in the actual tunnel setup logic. What is this bug you're referring to?
bolvan: Imagine wan has ipv4 "10.1.2.3". It's mapped 1:1 by isp to 190.1.2.3.
ip tunnel add tun6to4 mode sit ttl XXX remote any local 190.1.2.3
instead of correct
ip tunnel add tun6to4 mode sit ttl XXX remote any local 10.1.2.3
And it does not work.
dedeckeh: But is that not misconfiguration by the user?
bolvan: 6in4 works from the box because 6in4.sh does not have
test_6to4_rfc1918 "$ipaddr" && {
6in4 does not need to find out actual external ip address.
bolvan: "ipaddr" option is documented as "Local IPv4 endpoint address". It can be useful when interface has multiple IPs. ipaddr must be one of the locally present IPs, not ephemeral "external IP".
bolvan:
One-to-one NAT means you have a LAN address on the interface and it's mapped 1:1 to external IP addresses.
You can have incoming connections.
In such a configuration "ipaddr" must be specified in the 6to4 protocol section.
But due to a bug this addr is submitted as the local address for tunnel creation.
It does not work.
I fixed this with the following patch to /lib/netifd/proto/6to4.sh
48,53c48,53
< [ -z "$ipaddr" ] && {
< if ! network_get_ipaddr ipaddr "$wanif"; then
< proto_notify_error "$cfg" "NO_WAN_ADDRESS"
< return
< fi
< }
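Review bot: the diff for lines 48-53 shows only the old side (the `<` lines); the `---` separator and the `>` replacement lines are missing, so the new logic cannot be reviewed. On the old side, `network_get_ipaddr` runs only when `$ipaddr` is empty, so a configured `ipaddr` means the interface's own address is never read. Please repost as a unified diff (`diff -u`) and make sure `NO_WAN_ADDRESS` is still raised only when the interface really has no address.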
76c76
< json_add_string local "$ipaddr"
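Review bot: line 76 passes `$ipaddr` as the tunnel's `local` value, and the replacement line is not shown. If the new side passes the address read from `$wanif` instead, keep that address in its own variable and do not overwrite `ipaddr`, so the configured value and the interface address stay distinguishable in the rest of the script.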
I suggest you integrate this patch or do something similar yourself.
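
The address split described in this report, as an added example that is not part of the original post or of OpenWrt's 6to4.sh: the tunnel's local endpoint is the address present on the interface, while the 6to4 prefix is derived from the external address. The function names are hypothetical and the addresses are the ones used in the thread.

```shell
#!/bin/sh
# Added illustration; function names are hypothetical, not from 6to4.sh.

# Return 0 if the IPv4 address lies in an RFC 1918 private range.
is_rfc1918() {
    case "$1" in
        10.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# Derive the 6to4 prefix 2002:AABB:CCDD::/48 from an IPv4 address.
sixtofour_prefix() {
    local IFS=.
    set -- $1
    printf '2002:%02x%02x:%02x%02x::/48\n' "$1" "$2" "$3" "$4"
}

# $1 = address present on the wan interface
# $2 = configured external address (optional; defaults to $1)
# Prints the local endpoint for the sit tunnel and the 6to4 prefix.
plan_6to4() {
    wan_addr=$1
    ext_addr=${2:-$1}
    [ -n "$wan_addr" ] || { echo "NO_WAN_ADDRESS" >&2; return 1; }
    # The prefix must come from a public address; a private one cannot
    # be reached by 6to4 relays.
    if is_rfc1918 "$ext_addr"; then
        echo "external address $ext_addr is RFC 1918" >&2
        return 1
    fi
    echo "local=$wan_addr prefix=$(sixtofour_prefix "$ext_addr")"
}

# 1:1 NAT case from the thread: interface has 10.1.2.3, ISP maps it to 190.1.2.3.
plan_6to4 10.1.2.3 190.1.2.3
```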