• State Not Answered
  • Replies 15 replies
  • Subscribers 74 subscribers
  • Views 5579 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 124833
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

nRF2840: IPv6 over BLE to IPv4 internet via NAT64

BoKarolis

Hello,

I am really new to the field, I apologise, if things I am saying do not make sense, explanations and corrections appreciated :) I am trying to reach IPv4 internet from my PCA10056 nRF52840 node which is running IoT icmp example with adapted headers from PCA10040 nRF52832 so the buttons and LED's work. It is connected via BLE to my border router Raspberry Pi 3B, running Debian Stretch.

I can ping the nodes local "fe80" and "2001" addresses from the router. The node can ping local bt0 IPv6 address, tcp server/client setup works as well. As my ISP does not provide IPv6, I am using Tayga to communicate to IPv4 internet via IPv6. I have tried pinging Google's IPv4 address using NAT64 prefix from my Raspberry Pi and it works, although when I am trying to do the same with from the node, I get an error in tcpdump destination unreachable, beyond scope <prefix::808:808>.

I was thinking, that the bt0 interface cannot access anything beyond bt0, hence the ethernet interface is unreachable. My question is, would a bridge between the bt0 and ethernet interface help to solve my problem? If so, I would appreciate any tutorials or explanations how to successfully do that. Or would a tunnel broker such as hurricane electric be a better idea to just bypass all the IPv4 translation?

tayga.conf:

tun-device nat64
ipv4-addr 192.168.255.1
prefix 2001:db8:1:ffff::/96
dynamic-pool 192.168.255.0/24
data-dir /var/db/tayga

My ifconfig:

bt0: flags=4177<UP,POINTOPOINT,RUNNING,MULTICAST>  mtu 1280
        inet6 2001:db8::1  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::4343:a1ff:fe12:1fac  prefixlen 64  scopeid 0x20<link>
        unspec 41-43-A1-FF-FE-12-1F-AC-00-00-00-00-00-00-00-00  txqueuelen 1  (UNSPEC)
        RX packets 12  bytes 496 (496.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 37  bytes 2187 (2.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enxb827eb0ab32d: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.5.129  netmask 255.255.255.0  broadcast 192.168.5.255
        inet6 2001:db8:1::1  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::ba27:ebff:fe0a:b32d  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:0a:b3:2d  txqueuelen 1000  (Ethernet)
        RX packets 4281  bytes 4697929 (4.4 MiB)
        RX errors 0  dropped 4  overruns 0  frame 0
        TX packets 2934  bytes 341453 (333.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 270  bytes 19420 (18.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 270  bytes 19420 (18.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

nat64: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 192.168.5.129  netmask 255.255.255.255  destination 192.168.5.129
        inet6 fe80::e95a:684b:91f5:e2ca  prefixlen 64  scopeid 0x20<link>
        inet6 2001:db8:1::1  prefixlen 128  scopeid 0x0<global>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 6  bytes 564 (564.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 20  bytes 1544 (1.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

route -n -A inet6:

Destination                    Next Hop                   Flag Met Ref Use If    
2001:db8::/64                  ::                         U    256 0     0 bt0
2001:db8:1::1/128              ::                         U    256 0     0 nat64
2001:db8:1::/64                ::                         U    256 0     0 wlan0
2001:db8:1::/64                ::                         U    256 0     0 enxb827eb0ab32d
2001:db8:1:ffff::/96           ::                         U    1024 1    11 nat64
fe80::/64                      ::                         U    256 0     0 wlan0
fe80::/64                      ::                         U    256 0     0 enxb827eb0ab32d
fe80::/64                      ::                         U    256 0     0 nat64
fe80::/64                      ::                         U    256 1    23 bt0
::/0                           ::                         !n   -1  1   212 lo
::1/128                        ::                         Un   0   5     8 lo
2001:db8::/128                 ::                         Un   0   1     0 lo
2001:db8::1/128                ::                         Un   0   1     0 lo
2001:db8:1::/128               ::                         Un   0   1     0 lo
2001:db8:1::/128               ::                         Un   0   1     0 lo
2001:db8:1::1/128              ::                         Un   0   3     6 lo
2001:db8:1::1/128              ::                         Un   0   1     0 lo
2001:db8:1::1/128              ::                         Un   0   2     3 lo
fe80::/128                     ::                         Un   0   1     0 lo
fe80::/128                     ::                         Un   0   1     0 lo
fe80::/128                     ::                         Un   0   1     0 lo
fe80::/128                     ::                         Un   0   1     0 lo
fe80::4343:a1ff:fe12:1fac/128  ::                         Un   0   2     5 lo
fe80::ba27:ebff:fe0a:b32d/128  ::                         Un   0   1     0 lo
fe80::ba27:ebff:fe5f:e678/128  ::                         Un   0   1     0 lo
fe80::e95a:684b:91f5:e2ca/128  ::                         Un   0   1     0 lo
ff00::/8                       ::                         U    256 2    12 wlan0
ff00::/8                       ::                         U    256 3   233 enxb827eb0ab32d
ff00::/8                       ::                         U    256 1     3 nat64
ff00::/8                       ::                         U    256 3    13 bt0
::/0                           ::                         !n   -1  1   212 lo

I appreciate the help,

Karolis

Parents
  • 0

    Hi Karolis,

    It seems that you have selected the same prefix to address your bt network and for tayga to perform IPv6 to IPv4 translation. I would rather use well defined 64:ff9b::/96 prefix for tayga.

    Please look at the routing table. The most important entries I would expect to see there are:

    64:ff9b::/96 :: U 1024 0 0 nat64

    2001:db8::/64 :: U 256 0 0 bt0

    According to rfc3849 2001:db8 should serve documentation only, but lets leave it for now.

    Please also make sure that you have ipv4 and ipv6 forwarding enabled.

    I do not have much experience with tunnels or bridging with BT, so I cannot comment much on that.

    Regards, Piotr

    Edit: Adding some commands.

    If you receive "no route" error I expect there is missing entry in the routing table. I do not have the proper hardware on my desk at this moment, and I am not sure what exactly did you do. As the starting point I would set tayga.conf to:

    tun-device nat64

    ipv4-addr 192.168.64.1

    prefix 64:ff9b::/96

    data-dir /var/db/tayga

    Then I would clean current tayga database:

    rm -r /var/db/tayga

    mkdir -p /var/db/tayga/

    touch /var/db/tayga/dynamic.map

    ip link del dev nat64

    Then I would set it back again.

    tayga --mktun

    ip link set nat64 up

    ip addr add 64:ff9b::1 dev nat64

    ip addr add 64:ff9b::/64 dev nat64

    ip route add 192.168.64.0/24 dev nat64

    ip route add 64:ff9b::/64 dev nat64

    I would also set bt0 addr and add route to it.

    ip addr add fdff:cafe:cafe:cafe::/64 dev bt0

    ip route add fdff:cafe:cafe:cafe::/64 dev bt0

    Kind regards, Piotr Szkotak

Reply
  • 0

    Hi Karolis,

    It seems that you have selected the same prefix to address your bt network and for tayga to perform IPv6 to IPv4 translation. I would rather use well defined 64:ff9b::/96 prefix for tayga.

    Please look at the routing table. The most important entries I would expect to see there are:

    64:ff9b::/96 :: U 1024 0 0 nat64

    2001:db8::/64 :: U 256 0 0 bt0

    According to rfc3849 2001:db8 should serve documentation only, but lets leave it for now.

    Please also make sure that you have ipv4 and ipv6 forwarding enabled.

    I do not have much experience with tunnels or bridging with BT, so I cannot comment much on that.

    Regards, Piotr

    Edit: Adding some commands.

    If you receive "no route" error I expect there is missing entry in the routing table. I do not have the proper hardware on my desk at this moment, and I am not sure what exactly did you do. As the starting point I would set tayga.conf to:

    tun-device nat64

    ipv4-addr 192.168.64.1

    prefix 64:ff9b::/96

    data-dir /var/db/tayga

    Then I would clean current tayga database:

    rm -r /var/db/tayga

    mkdir -p /var/db/tayga/

    touch /var/db/tayga/dynamic.map

    ip link del dev nat64

    Then I would set it back again.

    tayga --mktun

    ip link set nat64 up

    ip addr add 64:ff9b::1 dev nat64

    ip addr add 64:ff9b::/64 dev nat64

    ip route add 192.168.64.0/24 dev nat64

    ip route add 64:ff9b::/64 dev nat64

    I would also set bt0 addr and add route to it.

    ip addr add fdff:cafe:cafe:cafe::/64 dev bt0

    ip route add fdff:cafe:cafe:cafe::/64 dev bt0

    Kind regards, Piotr Szkotak

Children
  • 0 in reply to Piotr Szkotak

    Hi, thanks for the answer, however this does not solve the problem. If I set the tayga prefix to 64:ff9b::/96 it asks me to set taygas ipv6 address and then I couldn't manage setting the routing tables correctly to ping myself or anything. Hence I tried setting different prefixes to bt0 and tayga interfaces, as you suggested, 2003:db8:1:ffff::/96 for tayga and 2004:db8:1:ffff::1/64 for bt0. The thing is, that when I look at tcpdump on bt0 interface, the node is using it's local fe80 address to ping google with nat64 prefix. IP6 fe80::282:73ff:fe90:8a48 > 2003:db8:1:ffff::808:808: ICMP6, echo request, seq 2, length 18. And then my bt0 interface replies fe80::ba27:ebff:fea0:1987 > fe80::282:73ff:fe90:8a48 : ICMP6, destination unreachable, beyond scope 2003:db8:1:ffff::808:808, source address fe80::282:73ff:fe90:8a48, length 66

  • 0 in reply to Piotr Szkotak

    Hi Karolis,

    I would say that using prefixes like 2003: and 2004: would couse you more trouble in the long run. If it does not work with the 64:ff9b::/96 prefix for tayga it clearly means that there are more issues to solve not that the prefix is incorrect. I would strongly encourage you to stick to 64:ff9b::/96 for NAT64.

    Could you look at the tcpdump on the nat64 interface? Do you see packets coming from the bt0?

    Kind regards, Piotr Szkotak

  • 0 in reply to Piotr Szkotak

    Hi, thanks for trying to help. On tcpdump nat64 interface there is nothing received with any of the prefixes. Using 64:ff9b::/96 I cannot even ping myself, as earlier, I am getting a "No route" error. I am not sure what should I set my tayga ipv6 address to, since I can't use 64:ff9b:: prefix for it. I tried 2001:db8:7777::1, but even after adding it to nat64 interface it still does not work.

    I have tried with a TI device, and it works with 2004 prefix, hence this shouldn't be the origin of the problem. As I said before, when I add a global ipv6 address to the bt0 interface it should use the global prefix, not the local one. This happens with the TI device, it uses the global address assigned and can communicate even over the internet without problems.

    Kind Regards, Karolis

  • 0 in reply to Piotr Szkotak

    If you receive "no route" error I expect there is missing entry in the routing table. I do not have the proper hardware on my desk at this moment, and I am not sure what exactly did you do. As the starting point I would set tayga.conf to: tun-device nat64 ipv4-addr 192.168.64.1 prefix 64:ff9b::/96 data-dir /var/db/tayga

    Then I would clean current tayga database: rm -r /var/db/tayga mkdir -p /var/db/tayga/ touch /var/db/tayga/dynamic.map ip link del dev nat64

    Then I would set it back again. tayga --mktun ip link set nat64 up ip addr add 64:ff9b::1 dev nat64 ip addr add 64:ff9b::/64 dev nat64 ip route add 192.168.64.0/24 dev nat64 ip route add 64:ff9b::/64 dev nat64

    I would also set bt0 addr and add route to it. ip addr add fdff:cafe:cafe:cafe::/64 dev bt0 ip route add fdff:cafe:cafe:cafe::/64 dev bt0

    Kind regards, Piotr Szkotak

  • 0 in reply to Piotr Szkotak

    The suggested tayga configuration does not work, if you are using 64:ff9b::/96 prefix, you need to set ipv6 address for tayga.

Related
Terms of service