T160: nat64: Implement Jool-based NAT64 translator #1993
Conversation
vyosbot
requested review from
a team,
dmbaturin,
sarthurdev,
zdc,
jestabro,
sever-sever and
c-po
and removed request for
a team
frebib
force-pushed
the
nat64
branch
2 times, most recently
from
884d81e
to
1fa6068
Compare
frebib
changed the title
frebib
changed the title
|
Still to do is:
Opening this up for review with what there is before I add anything else. I think this works correctly as it is |
frebib
changed the title
|
Welcome and look forward to the merger |
src/conf_mode/nat64.py
Outdated
| config["pool4"] = pool4 | ||
|
|
||
| # pylint: disable=invalid-name | ||
| with open(f"{JOOL_CONFIG_DIR}/{name}.json", "w", encoding="utf-8") as f: |
There was a problem hiding this comment.
Can you please use vyos.utils.file.read_file() instead?
There was a problem hiding this comment.
This is writing a file. I see vyos.utils.file.read_json() but no write_json(). Should I create a write_json() and use that?
There was a problem hiding this comment.
Oh sorry, then please use: vyos.utils.file.write_file() instead. Example: https://github.com/vyos/vyos-1x/blob/current/src/conf_mode/container.py#L364
src/conf_mode/nat64.py
Outdated
| from vyos.config import Config | ||
| from vyos.configdict import dict_merge, is_node_changed | ||
| from vyos.util import check_kmod, cmd, dict_search, run | ||
| from vyos.xml import defaults |
There was a problem hiding this comment.
Why import defaults? I see no reference to <defaultValue> node in your XML definitions.
There was a problem hiding this comment.
Almost certainly a copy-paste and me not understanding
There was a problem hiding this comment.
Actually, it looks like it's being used here https://github.com/vyos/vyos-1x/pull/1993/files#diff-301b6d4ad94f8356451b06c8710ea3b527e8dba33dc9727cdcb83997c05d8966R49
Should I just remove that defaults block entirely?
There was a problem hiding this comment.
If you do not consume any defaults, please drop it
|
Can you please also rebase this code to the latest |
Signed-off-by: Joe Groocock <me@frebib.net>
|
Need to add nftables support and re-evaluate after 1.4 is branched off. |
|
jool upstream doesn't support nftables (yet). NICMx/Jool#273 (comment). Netfilter mode is probably the best we can do I do think it's worth holding on this until nftables support is available. I don't like the current implementation at all. The only reason I didn't just use a container for this is because setting up the routing is hard |
|
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
|
@frebib could you re-base? |
Add NAT64 The original PR vyos#1993 There are no responces from the author of PR and PR had conflicts Write fixed for JSON write files and update the base Deleted unused default values Simple changes Example: ``` set nat64 source rule 100 source prefix '64:ff9b::/96' set nat64 source rule 100 translation pool 10 address '192.168.122.10' set nat64 source rule 100 translation pool 10 port '1-65535' ```
|
I created a new PR #2573 with the required changes and updated the base. |
Add NAT64 The original PR vyos#1993 There are no responces from the author of PR and PR had conflicts Write fixed for JSON write files and update the base Deleted unused default values Simple changes Example: ``` set nat64 source rule 100 source prefix '64:ff9b::/96' set nat64 source rule 100 translation pool 10 address '192.168.122.10' set nat64 source rule 100 translation pool 10 port '1-65535' ```
|
Apologies for the radio silence here, it's a busy time of the year. I probably won't have much time to work on this for the next couple of weeks if you'd still like me to pick anything up here. Alternatively I'm happy for someone else to pick this up. I do feel like my crude implementation needs a lot of work, even if it does work just fine |
|
merged in PR #2578 |
|
Thanks for pushing this over the line @sever-sever |
Change Summary
Implement NAT64 using jool following existing nat44 syntax
Types of changes
Related Task(s)
Component(s) name
nat64
Proposed changes
How to test
Checklist: