Subject: Re: stf(4) and NAT protocol forwarding
To: None <tech-net@netbsd.org>
From: Jonathan A. Kollasch <jakllsch@kollasch.net>
List: tech-net
Date: 04/04/2006 17:19:35

On Mon, Jan 09, 2006 at 10:10:36AM +0100, Pavel Cahyna wrote:
> On Sat, Jan 07, 2006 at 10:57:17PM -0600, Jonathan A. Kollasch wrote:
> > Hi,
> > 	Because my ADSL gateway (running OpenWrt Busybox/Linux\ 2.4)
> > isn't providing me with stable 6to4 connectivity (long story, not
> > on topic here) I've decided to switch my 6to4 router back to NetBSD.
> >
> > I've got full control over iptables on the ADSL gateway, thus I
> > can do protocol forwarding.  However, I can't get stf(4) to accept
> > packets directed at its private IPv4 address.  I'm using the binat
>
> I can only say that it works for me in 3.0.
>
> ipnat.conf :
>
> bimap ex0 xx.xx.xx.xx/32 -> 10.11.53.78/32 ipv6


For the record I'm now using the PF rule:

binat on ex0 proto ipv6 from xx.xx.xx.xx/32 to any -> 10.11.53.78/32


>
> ifconfig.stf0:
>
> create
> inet6 2002:xxxx:xxxx::1 prefixlen 16 up
>
> ifconfig.lo0:
>
> inet xx.xx.xx.xx prefixlen 32 alias
>
> (xxxx:xxxx is the hex representation of xx.xx.xx.xx).
>
> > rule as suggested the last time this subject came up, it seems to
> > let the packets get out.  I've tried using the link2 bit on stf0
>
> Is the source address set to your private address, or to the public one?
> (when seen by tcpdump). If it is the public one, it means that NAT is not
> working.
>
> Bye	Pavel

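The address relationship the quoted configuration relies on (xxxx:xxxx being the hex form of xx.xx.xx.xx), worked through as an added example that is not part of the original thread. The function names are hypothetical, and 192.0.2.1 is a constructed documentation address standing in for the masked public address; the rule and file layouts are the ones shown in the messages above.

```python
import ipaddress

# RFC 1918 ranges. 6to4 (RFC 3056) embeds a globally unique IPv4 address,
# so the private LAN address cannot be the one that goes into 2002::/16.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def sixtofour_addr(public_v4, host_id=1):
    """Return the 6to4 address 2002:<v4 in hex>::<host_id> for a public IPv4."""
    v4 = ipaddress.IPv4Address(public_v4)
    if any(v4 in net for net in RFC1918):
        raise ValueError(f"{v4} is RFC 1918 space, not usable for 6to4")
    # Bits 127..112 = 0x2002, bits 111..80 = the IPv4 address, rest = host id.
    return ipaddress.IPv6Address((0x2002 << 112) | (int(v4) << 80) | host_id)


def render_config(public_v4, private_v4, ext_if="ex0"):
    """Fill the thread's three config fragments in with concrete addresses."""
    v6 = sixtofour_addr(public_v4)
    # Cross-check: the stdlib recovers the embedded IPv4 from a 6to4 address.
    if v6.sixtofour != ipaddress.IPv4Address(public_v4):
        raise ValueError("6to4 prefix does not match the public address")
    return {
        "ifconfig.stf0": f"create\ninet6 {v6} prefixlen 16 up",
        "ifconfig.lo0": f"inet {public_v4} prefixlen 32 alias",
        "pf.conf": (f"binat on {ext_if} proto ipv6 from {public_v4}/32 "
                    f"to any -> {private_v4}/32"),
    }


if __name__ == "__main__":
    # Constructed sample: 192.0.2.1 as the public side, the thread's
    # 10.11.53.78 as the private address on ex0.
    for name, body in render_config("192.0.2.1", "10.11.53.78").items():
        print(f"# {name}\n{body}\n")
```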