Jool when translating always drops the packet due to an error #382

@aalmenar

Hi, I have been playing with Jool a bit, but when using my own address space for NAT64 I always get this issue:

Jool NAT64/ba23ed80/default: ===============================================
Jool NAT64/ba23ed80/default: Packet: 2001:xxx:518f->2001:xxx::1f2f:4d04
Jool NAT64/ba23ed80/default: TCP 41168->80
Jool NAT64/ba23ed80/default: Step 1: Determining the Incoming Tuple
Jool NAT64/ba23ed80/default: Tuple: 2001:xxx:518f#41168 -> 2001:xxx::1f2f:4d04#80 (TCP)
Jool NAT64/ba23ed80/default: Done step 1.
Jool NAT64/ba23ed80/default: Step 2: Filtering and Updating
Jool NAT64/ba23ed80/default: BIB entry: 2001:xxx:518f#41168 - 194.1.1.1#22154 (TCP)
Jool NAT64/ba23ed80/default: Session entry: 2001:xxx:518f#41168 - 2001:xxx::1f2f:4d04#80 | 194.1.1.1#22154 - 31.47.77.4#80 (TCP)
Jool NAT64/ba23ed80/default: Done: Step 2.
Jool NAT64/ba23ed80/default: Step 3: Computing the Outgoing Tuple
Jool NAT64/ba23ed80/default: Tuple: 194.1.1.1#22154 -> 31.47.77.4#80 (TCP)
Jool NAT64/ba23ed80/default: Done step 3.
Jool NAT64/ba23ed80/default: Step 4: Translating the Packet
Jool NAT64/ba23ed80/default: Translating packet addresses 2001:xxx:518f->2001:xxx::1f2f:4d04...
Jool NAT64/ba23ed80/default: Result: 194.1.1.1->31.47.77.4
Jool NAT64/ba23ed80/default: Packet routed via device 'eth0'.
Jool NAT64/ba23ed80/default: Done step 4.
Jool NAT64/ba23ed80/default: Sending packet.
Jool NAT64/ba23ed80/default: dst_output() returned errcode 1.
Jool: Dropping packet.

When Jool is down, the server is able to reach anything on the public IPv4 space.

I have totally run out of ideas.

My jool.conf:

{
  "instance": "default",
  "framework": "netfilter",
  "global": {
    "maximum-simultaneous-opens": 1000,
    "drop-externally-initiated-tcp": true,
    "pool6": "2001:xxx::/96"
  },
  "pool4": [
    {
      "comment": "mark, port range and max-iterations are optional.",
      "protocol": "TCP",
      "prefix": "194.1.1.1",
      "port range": "21001-65535"
    },
    {
      "protocol": "UDP",
      "prefix": "194.1.1.1",
      "port range": "21001-65535"
    },
    {
      "protocol": "ICMP",
      "prefix": "194.1.1.1",
      "port range": "21001-65535"
    }
  ]
}

sysctl values:

net.ipv4.ip_local_port_range = 10000 20000
net.ipv4.conf.all.forwarding=1
net.ipv6.conf.all.forwarding=1

Don't know if it's a bug or what.

Tried this with:

Jool 4.1.5, 4.1.8, 4.2.0-rc2
Kernels 5.10, 5.15, 5.16
