[Babel-users] stupid babel tricks: routing ipv6 while keeping nat
dave.taht at gmail.com
Fri Apr 3 17:46:52 UTC 2015
I really need a better place than g+ to write this stuff down, and I
am curious how you would do this with other daemons and routing
Sometimes I am unwilling to take the time to unnat an internal router.
So all I do is add two lines to /etc/babeld.conf to not distribute
ipv4 addresses, and let me do ipv6 routed, only.
That´s easy. To kill the ipv4 routing...
out if eth0 ip 0.0.0.0/0 deny
in if eth0 ip 0.0.0.0/0 deny
Then I can arbitrarily give myself a real /128 ipv6 address from some
range elsewhere on my source specific routed network - not even adding
an ipv6 address to the router in question...
and it automagically transits the network in that direction, even the
hops that have no or a ula-only ipv6 address. The only thing this
bugs is traceroute, it is transparent to other applications.
root at nuc-client:~/public_html/archer_c7_O2# traceroute6 -n $_
traceroute to shipka.bufferbloat.net (2001:4f8:3:36::52) from
2601:a:4e10:4cc7::99, 30 hops max, 24 byte packets
1 fd75:d7b6:a0c6::1 0.29 ms 0.232 ms 0.238 ms
2 * * *
3 * * *
4 * * *
5 2601:9:4e00:4cb0::1 2.313 ms 1.928 ms 1.777 ms
6 * * *
7 2001:558:82:2623::1 15.664 ms 16.341 ms 11.83 ms
8 2001:558:80:17::1 22.258 ms 15.526 ms 11.844 ms
9 * * *
10 2001:558:0:f587::2 15.589 ms 13.895 ms 14.733 ms
11 2001:559::14e 17.713 ms 18.346 ms 13.916 ms
12 2001:4f8:0:1::4:1 14.851 ms 16.484 ms 14.67 ms
13 2001:4f8:1b:1::8:2 18.905 ms 19.527 ms 18.625 ms
14 2001:4f8:3:36::52 17.228 ms 14.048 ms 14.109 ms
Current openwrt uses a default deny policy on the wan gateway, so you
also have to open up the firewall for babel packets.
option name 'Allow-Babel'
option family 'ipv6'
option src 'wan'
option dest_port '6696'
option proto 'udp'
option target 'ACCEPT'
at least on the babels version of the uci scripts in chaos calmer, it
is having trouble finding the br-lan option to give to babel in the
first place, for some reason.
Let's make wifi fast, less jittery and reliable again!
More information about the Babel-users