jool-clat/networkd-dispatcher/configured.d/clat.sh

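#!/bin/sh
# networkd-dispatcher hook: builds a CLAT (IPv4-over-NAT64) path out of a
# network namespace "clatns", a veth pair clat <-> to_world and a Jool SIIT
# instance running inside that namespace.
#
# Reads:   IFACE (environment) - the interface this hook was invoked for.
#          color_error / color_log - not defined in this file; they expand to
#          nothing unless the caller exports them.
# Exit:    0 if IFACE is "clat" or the setup ran to the end, 1 on the checked
#          failure paths below.
#
# Everything here changes kernel network state, so it has to run as root.
# Values that come from outside (IFACE, the DNS answer) are validated and
# quoted before they reach a command line.
# NOTE(review): the commands after the checks are not individually checked,
# so a second invocation (namespace/links already present) just logs errors
# from ip(8) and carries on, as it did before.

# POSIX test(1) only knows "="; with dash as /bin/sh the former "==" made the
# test itself fail, so this early exit never triggered.
if [ "$IFACE" = "clat" ]; then
  echo "clat does not need to configurate again"
  exit 0
fi

# IFACE ends up in a /proc path written as root; refuse empty values and
# anything containing a path separator.
case "$IFACE" in
  '' | */*)
    echo "${color_error}IFACE not set or not a valid interface name${color_log}"
    exit 1
    ;;
esac

# NAT64 - by interface
# Run dig on its own so that its exit status is the one being checked; in a
# pipeline without pipefail, $? only reflects the last stage (head).
if ! dns_answer=$(dig +short ipv4only.arpa AAAA); then
  echo "${color_error}dns failed: no request to ipv4only.arpa possible${color_log}"
  exit 1
fi
# Strip the embedded well-known IPv4 part (c000:aa / c000:ab) from the first
# answer line; what is left is used as the NAT64 prefix.
# NOTE(review): this assumes the IPv4 address sits at the tail of the AAAA
# answer, while the prefix is used as /64 below - confirm this is intended.
nat64_prefix=$(printf '%s\n' "$dns_answer" | sed 's/c000:a[ab]//' | head -1)
if [ -z "$nat64_prefix" ]; then
  echo "${color_error}nat64 prefix/subnet unkown${color_log}"
  exit 1
fi
# The answer comes from whatever resolver dig uses and is not authenticated
# here. Accept only characters that can occur in an IPv6 literal, so a CNAME
# line or other unexpected output is never handed to ip/jool_siit.
case "$nat64_prefix" in
  *[!0-9a-fA-F:]*)
    echo "${color_error}nat64 prefix invalid: unexpected dns answer${color_log}"
    exit 1
    ;;
esac
echo "setup clat with prefix: $nat64_prefix/64"

# namespace setup
ip netns add clatns
ip link add name clat type veth peer name to_world
ip link set up dev clat
ip link set up dev to_world netns clatns

# namespace network
clat_ll=$(ip -6 address show scope link dev clat | grep -Po 'inet6 \K[0-9a-f:]+')
internal_ll=$(ip netns exec clatns ip -6 address show scope link dev to_world | grep -Po 'inet6 \K[0-9a-f:]+')
# First four groups of the source address the host would use towards the
# NAT64 prefix, followed by the interface id of to_world's link-local address.
route_src_prefix=$(ip r g "${nat64_prefix}0" | grep -Po 'src \K[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:')
interface_id=$(printf '%s\n' "$internal_ll" | grep -Po 'fe80::\K[0-9a-f:]+')
if [ -z "$clat_ll" ] || [ -z "$route_src_prefix" ] || [ -z "$interface_id" ]; then
  # Without these the address below would be malformed and every following
  # command would fail. Nothing is torn down here, so an already working
  # setup from an earlier run is left alone.
  echo "${color_error}could not determine link-local or source address for clat${color_log}"
  exit 1
fi
v6_address_clat="${route_src_prefix}${interface_id}"
echo "ipv6 address clat: $v6_address_clat/64"
ip netns exec clatns ip -6 address add "$v6_address_clat/64" dev to_world
ip netns exec clatns ip -6 route add default via "$clat_ll" dev to_world
ip netns exec clatns ip -4 address add 192.0.0.1/30 dev to_world

# jool setup
if ! ip netns exec clatns modprobe jool_siit; then
  echo "${color_error}module jool_siit not found${color_log}"
  ip netns del clatns
  exit 1
fi
ip netns exec clatns jool_siit instance add --netfilter --pool6 "$nat64_prefix/64"
# Explicit address mapping: 192.0.0.2 (host side of the veth) <-> CLAT address.
ip netns exec clatns jool_siit eamt add 192.0.0.2 "$v6_address_clat"

# route ipv6
echo 1 > "/proc/sys/net/ipv6/conf/$IFACE/proxy_ndp"
# Enables IPv6 forwarding on every interface, not only IFACE and clat; the
# host firewall has to restrict what may actually be forwarded.
sysctl -w net.ipv6.conf.all.forwarding=1
#echo 1 tee /proc/sys/net/ipv6/conf/*/forwarding
ip -6 neigh add proxy "$v6_address_clat" dev "$IFACE"
ip -6 route add "$v6_address_clat/128" via "$internal_ll" dev clat

# route ipv4
ip -4 address add 192.0.0.2/30 dev clat
ip -4 route add default via 192.0.0.1 dev clat
echo "completed"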