Jool
Jool copied to clipboard
NICMx
Jool stateful NAT64 does not work with net.core.default_qdisc=fq
Observed behaviour
If system boots with net.core.default_qdisc=fq_codel, everything works. Also changing to net.core.default_qdisc=fq after bootup is no problem.
If the Linux Kernel is configured to use fair queueing (fq) during bootup, jool runs in to an error during sending packets.
[ 86.617685] Jool NAT64/8e68ca40/s5b: ===============================================
[ 86.617695] Jool NAT64/8e68ca40/s5b: Packet: 2a13:fc80:e000:1000:f43f:cff:fe95:a673->64:ff9b::808:808
[ 86.617700] Jool NAT64/8e68ca40/s5b: ICMPv6 type:128 code:0 id:46303
[ 86.617703] Jool NAT64/8e68ca40/s5b: Step 1: Determining the Incoming Tuple
[ 86.617705] Jool NAT64/8e68ca40/s5b: Tuple: 2a13:fc80:e000:1000:f43f:cff:fe95:a673#46303 -> 64:ff9b::808:808#46303 (ICMP)
[ 86.617709] Jool NAT64/8e68ca40/s5b: Done step 1.
[ 86.617711] Jool NAT64/8e68ca40/s5b: Step 2: Filtering and Updating
[ 86.617717] Jool NAT64/8e68ca40/s5b: Routing: 0.0.0.0->8.8.8.8
[ 86.617723] Jool NAT64/8e68ca40/s5b: Packet routed via device 'ipv4uplink'.
[ 86.617727] Jool NAT64/8e68ca40/s5b: BIB entry: 2a13:fc80:e000:1000:f43f:cff:fe95:a673#46303 - 100.64.0.3#63610 (ICMP)
[ 86.617730] Jool NAT64/8e68ca40/s5b: Session entry: 2a13:fc80:e000:1000:f43f:cff:fe95:a673#46303 - 64:ff9b::808:808#46303 | 100.64.0.3#63610 - 8.8.8.8#63610 (ICMP)
[ 86.617734] Jool NAT64/8e68ca40/s5b: Done: Step 2.
[ 86.617736] Jool NAT64/8e68ca40/s5b: Step 3: Computing the Outgoing Tuple
[ 86.617738] Jool NAT64/8e68ca40/s5b: Tuple: 100.64.0.3#63610 -> 8.8.8.8#63610 (ICMP)
[ 86.617741] Jool NAT64/8e68ca40/s5b: Done step 3.
[ 86.617743] Jool NAT64/8e68ca40/s5b: Step 4: Translating the Packet
[ 86.617749] Jool NAT64/8e68ca40/s5b: Done step 4.
[ 86.617752] Jool NAT64/8e68ca40/s5b: Sending packet.
[ 86.617758] Jool NAT64/8e68ca40/s5b: dst_output() returned errcode 1.
Expected behaviour
Jool works fine with fair queueing enabled during boot up, i.e. applying /etc/sysctl.conf.
Setup
- Distribution Debian Bookworm
- Kernel
Linux nat64 6.1.0-17-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.69-1 (2023-12-30) x86_64 GNU/Linux - jool-dkms
4.1.9-1 - jool-tools
4.1.9-1
How to reproduce
- Setup a fresh Debian Bookworm system
- Install jool from Debian repositories
- Add line
net.core.default_qdisc=fqto/etc/sysctl.confand reboot. - Setup stateful NAT64 with jool, i.e.
jool instance add "default" --netfilter --pool6 64:ff9b::/96 - From another IPv6 connected system, try to ping IPv4 endpoint through jool.
Sorry; I cannot reproduce this.
VM:
al@debian12:~$ uname -a
Linux debian12 6.1.0-17-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.69-1 (2023-12-30) x86_64 GNU/Linux
al@debian12:~$ tail -1 /etc/sysctl.conf
net.core.default_qdisc=fq
al@debian12:~$ bin/simple-nat64-network-vm.sh
[sudo] password for al:
al@debian12:~$ jool --version
4.1.9.0
al@debian12:~$ sudo dmesg | tail -2
[ 45.931995] NAT64 Jool v4.1.9.0 module inserted.
[ 45.945391] Jool: Created instance 'default'.
Host:
ahhrk@host:~/bin$ ping6 -c1 64:ff9b::192.0.2.8
PING 64:ff9b::192.0.2.8(64:ff9b::c000:208) 56 data bytes
64 bytes from 64:ff9b::c000:208: icmp_seq=1 ttl=63 time=0.470 ms
--- 64:ff9b::192.0.2.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.470/0.470/0.470/0.000 ms
Show VM's reboot:
al@debian12:~$ history | tail -7
44 sudo reboot
45 uname -a
46 tail -1 /etc/sysctl.conf
47 bin/simple-nat64-network-vm.sh
48 jool --version
49 sudo dmesg | tail -2
50 history | tail -7
- Host setup script: simple-nat64-network-host.sh.txt
- VM setup script: simple-nat64-network-vm.sh.txt
(I had to add .txt to force Github to attach them.)
dst_output() 1 is a typical kernel response to an unroutable packet. 1 stands for EPERM, presumably.
Regardless of Jool, can you ping 8.8.8.8 from the translator? After adding net.core.default_qdisc=fq and rebooting, I mean.
(Also: Is that source (100.64.0.3) sensible?)
I believe #400 has resolved this issue, which can now be closed. Jool 4.1.10+ works well with fq.
