On 2019/12/15 05:44, Andrey V. Elsukov wrote:
> On 14.12.2019 22:54, John W. O'Brien wrote:
>> Hello FreeBSD Networking,
>>
>> As the subject summarizes, I have a mostly-working NAT64 rig, but return
>> traffic is disappearing, and I haven't been able to figure out why. I
>> observe the post-translation (4-to-6) packets via ipfwlog0, but a simple
>> ipfw counter rule ipfw matches nothing.
>
> I suspect you have disabled IPv6 on the interface, where IPv4 address is
> configured. Check that IFDISABLED flag is not set on the IPv4 side
> interface.
>
> When NAT64 does translation, by default it reschedules a packet again on
> the same interface, but from another address family, so if you have
> disabled IPv6, a packet will be just dropped by ip6_input.
> You can enable IPv6 by the following command:
>
> # ifconfig igb0 inet6 -ifdisabled

Yes, this is exactly the problem. Thank you very much! The reason it was
working in the EC2 case is because the FreeBSD AMIs set
ipv6_activate_all_interfaces="YES".

It helps me quite a lot to learn the concept of "reschedules a packet
again on the same interface". That fills in a gap that I am sure will
come in handy when trying to reason about behavior in the future.

Incidentally, where are those drops counted? I did start looking at
"netstat -i" and "netstat -s" for clues, and even now that I know what
to look for, I'm not sure I know what I'm seeing. Is it "ip6: output
packets discarded due to no route"?

--
John W. O'Brien
OpenPGP keys:
    0x33C4D64B895DBF3B
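
The check suggested in the thread (make sure IFDISABLED is not set on the IPv4-side interface) can be run across every interface at once. The script below is an added example, not part of either message: `find_ifdisabled_v4` and `sample_ifconfig` are hypothetical names, and the embedded `ifconfig` output is constructed for illustration using documentation address ranges.

```sh
#!/bin/sh
# Added example (not from the thread): list interfaces that carry an IPv4
# address while IPv6 is disabled on them (nd6 flag IFDISABLED).

# find_ifdisabled_v4 (hypothetical helper): reads FreeBSD `ifconfig` output
# on stdin and prints one matching interface name per line.
find_ifdisabled_v4() {
    awk '
        function report() {
            if (ifname != "" && has_inet && disabled) print ifname
        }
        # A new interface stanza starts at column 0: "igb0: flags=..."
        /^[A-Za-z0-9_.]+: flags=/ {
            report()
            ifname = $1; sub(/:$/, "", ifname)
            has_inet = 0; disabled = 0
            next
        }
        $1 == "inet" { has_inet = 1 }      # IPv4 address configured here
        $1 == "nd6" && /[<,]IFDISABLED[,>]/ { disabled = 1 }
        END { report() }
    '
}

# Constructed sample in the layout FreeBSD ifconfig prints; addresses are
# documentation ranges, not values from the thread.
sample_ifconfig() {
    cat <<'EOF'
igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	inet 192.0.2.1 netmask 0xffffff00 broadcast 192.0.2.255
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	inet 198.51.100.1 netmask 0xffffff00 broadcast 198.51.100.255
	inet6 2001:db8::1 prefixlen 64
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
em0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
EOF
}

# Default: run on the sample. Pass --live on a FreeBSD host to check real state.
if [ "${1:-}" = "--live" ]; then
    ifconfig | find_ifdisabled_v4
else
    sample_ifconfig | find_ifdisabled_v4
fi
```

Any interface it prints is a candidate for the `ifconfig <if> inet6 -ifdisabled` fix given in the thread; interfaces without an IPv4 address (like `em0` in the sample) are ignored because NAT64 return traffic is not rescheduled onto them.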