Jake,
If I understand you correctly, you're saying that an IPv4-only client
communicates to the internet like this:
client <----------> homenode <----------> exitserver <----------> internet
       IPv4 packet           routed through           IPv6 packet gets
       gets NAT64ed          mesh (IPv6)              reverse-NAT64ed again
       (both SNAT                                     (both SNAT
       and DNAT)                                      and DNAT).
Let's assume the client is assigned 1.1.1.2, and is trying to send a packet
to 4.4.4.4 (on the internet). Then the first NAT stage is stateless. The
source address gets prefixed by the homenode's prefix (to, say h::1:1:1:2)
and the destination address gets the "internet" prefix (to say, i::4:4:4:4).
The mesh routing ensures that the packet arrives at the exit server, which
now performs *stateful* NAT64 (RFC6146?) on the source address, and
stateless on the destination (removing the i:: prefix).
This can all work (and was briefly considered in the past). The problem is
the implementation state of the various parts.
Does OpenWRT support stateful NAT64?
Alex
2017-04-29 12:21 GMT-07:00 Jake <jake(a)spaz.org>:
So let me get this straight- home nodes advertise their /26, which is how
the network knows how to get return traffic back to any given client?

Wouldn't giving clients ipv6 addresses result in the problems with many of
the ipv4 only protocols that were mentioned at the start of the thread?

Yes if we give them only IPv6 addresses but we want them to have both.

but if the mesh relied on IPV6 for everything, then couldn't the home nodes
do IPV4 masquerading to IPV6 and they wouldn't need their own /26 because
you could have identical IPV4 addresses on different home nodes that way?

meaning, the IPV4 address given by DHCP by a home node is only for that node
to talk to that client, and everything goes out over IPV6 from node to node
and to the exit node (where it does reverse masquerading to the internet for
IPV4 traffic)

does this make sense? i know it would be a lot of work but maybe it's a good
path forward.. and it simplifies some things, for example no more need to
coordinate 100./26 IPV4 subnets between home nodes... you could use the home
node's MAC address for its IPV6 subnet.
-jake
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org
https://sudoroom.org/lists/listinfo/mesh
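
Added example, not part of the original thread or the mesh project's code: a small Python model of the two translation stages discussed above, with a stateless prefix mapping at the home node and a stateful source binding plus stateless destination unmapping at the exit server. The /96 prefixes, the use of 64:ff9b::/96 for the "i::" prefix, the public address and the port range are assumptions made for illustration, and the binding table ignores protocol and timeouts.

```python
import ipaddress

INTERNET_PREFIX = "64:ff9b::/96"  # assumed stand-in for the thread's "i::" prefix

def embed(prefix96, v4):
    """Stateless mapping: put the 32-bit IPv4 address in the low bits of a /96."""
    net = ipaddress.IPv6Network(prefix96)
    if net.prefixlen != 96:
        raise ValueError("this sketch only handles /96 prefixes")
    return ipaddress.IPv6Address(int(net.network_address) | int(ipaddress.IPv4Address(v4)))

def extract(prefix96, v6):
    """Inverse of embed(); rejects addresses outside the expected prefix."""
    net, addr = ipaddress.IPv6Network(prefix96), ipaddress.IPv6Address(v6)
    if addr not in net:
        raise ValueError(f"{addr} is not inside {net}")
    return ipaddress.IPv4Address(int(addr) & 0xFFFFFFFF)

def homenode_out(node_prefix, src4, dst4):
    """Home node, stateless: source gets the node's prefix, destination gets i::."""
    return embed(node_prefix, src4), embed(INTERNET_PREFIX, dst4)

class ExitServer:
    """Stateful on the source (binding table), stateless on the destination."""
    def __init__(self, public4, first_port=40000):
        self.public4 = ipaddress.IPv4Address(public4)
        self.next_port = first_port
        self.out = {}   # (src6, sport) -> public port
        self.back = {}  # public port -> (src6, sport)

    def outbound(self, src6, sport, dst6, dport):
        key = (src6, sport)
        if key not in self.out:
            if self.next_port > 65535:
                raise RuntimeError("no free public ports for a new binding")
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.public4, self.out[key], extract(INTERNET_PREFIX, dst6), dport

    def inbound(self, remote4, rport, public_port):
        if public_port not in self.back:
            return None  # no binding, so the exit server cannot map the reply
        src6, sport = self.back[public_port]
        return embed(INTERNET_PREFIX, remote4), rport, src6, sport
```

Because the binding key is the prefixed IPv6 source, two home nodes can both hand out 1.1.1.2 and their clients still get separate bindings at the exit server.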