[Babel-users] stupid babel tricks: routing ipv6 while keeping nat

Dave Taht dave.taht at gmail.com
Fri Apr 3 17:46:52 UTC 2015


I really need a better place than g+ to write this stuff down, and I
am curious how you would do this with other daemons and routing
protocols.

Sometimes I am unwilling to take the time to unnat an internal router.
So all I do is add two lines to /etc/babeld.conf to not distribute
ipv4 addresses, and let me do ipv6 routed, only.

That's easy. To kill the ipv4 routing...

out if eth0 ip 0.0.0.0/0 deny
in if eth0 ip 0.0.0.0/0 deny

Then I can arbitrarily give myself a real /128 ipv6 address from some
range elsewhere on my source specific routed network - not even adding
an ipv6 address to the router in question...

and it automagically transits the network in that direction, even the
hops that have no or a ula-only ipv6 address.  The only thing this
bugs is traceroute; it is transparent to other applications.

root@nuc-client:~/public_html/archer_c7_O2# traceroute6 -n $_
traceroute to shipka.bufferbloat.net (2001:4f8:3:36::52) from 2601:a:4e10:4cc7::99, 30 hops max, 24 byte packets
 1  fd75:d7b6:a0c6::1  0.29 ms  0.232 ms  0.238 ms
 2  * * *
 3  * * *
 4  * * *
 5  2601:9:4e00:4cb0::1  2.313 ms  1.928 ms  1.777 ms
 6  * * *
 7  2001:558:82:2623::1  15.664 ms  16.341 ms  11.83 ms
 8  2001:558:80:17::1  22.258 ms  15.526 ms  11.844 ms
 9  * * *
10  2001:558:0:f587::2  15.589 ms  13.895 ms  14.733 ms
11  2001:559::14e  17.713 ms  18.346 ms  13.916 ms
12  2001:4f8:0:1::4:1  14.851 ms  16.484 ms  14.67 ms
13  2001:4f8:1b:1::8:2  18.905 ms  19.527 ms  18.625 ms
14  2001:4f8:3:36::52  17.228 ms  14.048 ms  14.109 ms

Current openwrt uses a default deny policy on the wan gateway, so you
also have to open up the firewall for babel packets.

config rule
        option name 'Allow-Babel'
        option family 'ipv6'
        option src 'wan'
        option dest_port '6696'
        option proto 'udp'
        option target 'ACCEPT'

At least on the babels version of the uci scripts in chaos calmer, it
is having trouble finding the br-lan option to give to babel in the
first place, for some reason.

-- 
Dave Täht
Let's make wifi fast, less jittery and reliable again!

https://plus.google.com/u/0/107942175615993706558/posts/TVX3o84jjmb
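
Added example (not part of the original post, and not babeld's own code): a small Python check of which routes the two filter lines above actually cover, useful for confirming that IPv4 is blocked on eth0 while IPv6 still passes, and for spotting interfaces the filter does not name. It assumes simplified filter semantics (first matching rule wins, default allow, only the "if", "ip", "allow" and "deny" keywords handled); the interface "wlan0" and the sample routes are constructed.

```python
import ipaddress

# Constructed sample: the two filter lines from the post.
BABELD_CONF = """\
out if eth0 ip 0.0.0.0/0 deny
in if eth0 ip 0.0.0.0/0 deny
"""

def parse_filters(text):
    """Parse 'in'/'out' filter lines into (direction, iface, prefix, action)."""
    rules = []
    for line in text.splitlines():
        tok = line.split("#", 1)[0].split()
        if not tok or tok[0] not in ("in", "out"):
            continue
        iface, prefix, action, i = None, None, "allow", 1
        while i < len(tok):
            if tok[i] == "if":
                iface, i = tok[i + 1], i + 2
            elif tok[i] == "ip":
                prefix, i = ipaddress.ip_network(tok[i + 1]), i + 2
            elif tok[i] in ("allow", "deny"):
                action, i = tok[i], i + 1
            else:
                raise ValueError(f"unsupported token: {tok[i]}")
        rules.append((tok[0], iface, prefix, action))
    return rules

def decide(rules, direction, iface, route):
    """Return 'allow' or 'deny' for a route prefix seen on an interface."""
    net = ipaddress.ip_network(route)
    for r_dir, r_if, r_pfx, action in rules:
        if r_dir != direction or (r_if and r_if != iface):
            continue
        # An IPv4 prefix selector never matches an IPv6 route, and vice versa.
        if r_pfx and (r_pfx.version != net.version or not net.subnet_of(r_pfx)):
            continue
        return action  # assumption: first matching rule decides
    return "allow"     # assumption: default when no rule matches

def audit(text, ifaces, routes):
    """Map every (direction, iface, route) combination to its verdict."""
    rules = parse_filters(text)
    return {(d, i, r): decide(rules, d, i, r)
            for d in ("in", "out") for i in ifaces for r in routes}

if __name__ == "__main__":
    # Constructed routes: an RFC 1918 net, the IPv4 default, the /128 from the post.
    routes = ["192.168.1.0/24", "0.0.0.0/0", "2601:a:4e10:4cc7::99/128"]
    for key, verdict in audit(BABELD_CONF, ["eth0", "wlan0"], routes).items():
        print(*key, verdict)
```

Under these assumptions the IPv4 routes come back "deny" only on eth0; the same routes on any interface the filter does not name are still allowed.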


