Page History
...
- Build the jool modules using below build instructions
Code Block title Jool Installation sudo apt update sudo apt upgrade sudo apt install build-essential pkg-config sudo wget https://github.com/NICMx/Jool/releases/download/v4.2.0-rc2/jool-4.2.0.rc2.tar.gz sudo tar -xzf jool-4.2.0.rc2.tar.gz sudo /sbin/dkms install jool-4.2.0.rc2/ cd jool-4.2.0.rc2/ sudo ./configure sudo make sudo make install
- Once build completed, below modules will be generated in respective paths, add those modules to kernel path
Code Block title MAPT modules ubuntu:~/jool-4.2.0~rc2$ find . -iname jool*ko ./src/mod/mapt/jool_mapt.ko ./src/mod/common/jool_common.ko ./src/mod/nat64/jool.ko /src/mod/siit/jool_siit.ko
Jool configure
Code Block title Modeprobe modules sudo modprobe jool_common sudo modprobe jool_mapt sudo modprobe jool Enable below modules as well if not enabled netfilter/nf_defrag_ipv4.ko netfilter/nf_defrag_ipv6.ko
- Once all modules are loaded and confirmed via lsmod
Expand title lsmod ubuntu:~/ lsmod | grep jool*
jool_mapt 20480 0
jool_common 253952 1 jool_mapt
nf_defrag_ipv6 24576 3 nf_conntrack,openvswitch,jool_mapt
nf_defrag_ipv4 16384 2 nf_conntrack,jool_mapt
x_tables 53248 9 xt_conntrack,nft_compat,xt_state,xt_tcpudp,xt_addrtype,xt_nat,ip_tables,xt_MASQUERADE,jool_mapt - Create an instance BR
View the created instance using: (To remove instance sudo jool_mapt instance remove BR )Code Block title BR instance creation sudo jool_mapt instance add "BR" --netfilter --dmr 64:ff9b::/64 sudo jool_mapt -i "BR" fmrt add 2001:558:6013::/48 192.168.20.0/24 8 8 sudo jool_mapt -i "BR" global update map-t-type BR
Enable dubbing debugging for jool using sudo jool_mapt -i BR global update logging-debug trueCode Block title View Instances akhil@CHTSL00399:~$ sudo jool_mapt -i BR fmrt display +---------------------------------------------+--------------------+----------------+----+ | IPv6 Prefix | IPv4 Prefix | EA-bits Length | a | +---------------------------------------------+--------------------+----------------+----+ | 2001:558:6013::/48 | 192.168.20.0/24 | 16 | 6 | +---------------------------------------------+--------------------+----------------+----+ akhil@CHTSL00399:~$ sudo jool_mapt instance display +--------------------+-----------------+-----------+ | Namespace | Name | Framework | +--------------------+-----------------+-----------+ | 89628c00 | BR | netfilter | +--------------------+-----------------+-----------+ akhil@CHTSL00399:~$
cat /var/log/syslog - Make changes in BR setup to make ping and internet work
- Adding traffic control because iptables POSTROUTING (where MASQUERADE/SNAT stays) is never reached. When a traffic comes back before deNAT jool occupies the traffic. Since BR is behind a NAT with a private IP, outgoing packets have source 192.168.20.x which the upstream can't route back
Code Block title Add tc rules sudo ip addr add 192.168.20.1/24 dev lo sudo tc qdisc add dev wlan0 root handle 1: prio sudo tc filter add dev wlan0 parent 1: protocol ip prio 1 u32 \ match ip src 192.168.20.0/24 \ action pedit ex munge ip src set 10.68.245.229 pipe \ action csum ip4h icmp sudo tc qdisc add dev wlan0 handle ffff: ingress sudo tc filter add dev wlan0 parent ffff: protocol ip prio 1 u32 \ match ip protocol 1 0xff \ match u8 0 0xff at 20 \ action pedit ex munge ip dst set 192.168.20.1 pipe \ action csum ip4h icmp ip route get 8.8.8.8 from 192.168.20.1
- Check tcpdump for wan interface and downlink interface which is connected to CE, will be able to see request and reply from upstream.
- Connectivity test updated below
- To remove above rules
sudo tc qdisc del dev wlan0 root handle 1: prio
sudo tc qdisc del dev wlan0 handle ffff: ingress
Customer Edge: Enable/Disable MAPT feature with below distro's from build
...
Overview
Community Forums
Content Tools
Tasks