status: resolved !
thx~ , everyone!
I solved it now.
Resion:
Beause I used MASQUERADE in my iptables ruels ; but my ip is a
configured static , not by ppoe. So I use SNAT target instead to find
that pkts coud be NATed .
may MASQUERADE can only figure out *PPOE* like interface .
anyway, the question is sovled. thx~
--
shchao.max
马树超 <shuchao.max@xxxxxxxxx> 于2019年4月1日周一 下午10:40写道:
>
> Hi, all
> Recently,I worked on the "IPv6 NAT gateway" based on ip6tables+netfilter.
>
>
> Question Description:
> - Host A:a machine with an ipv6-A address(could be reached world-globally)
> - Host B: a machine with an ipv6-B address(could not be reached outside)
> -
> AIM:
> - I want let Host-B reach outsite-Internet by Host-A ( IPv6-NAT )
> Question:
> - I create a ipv6-vxlan tunnel between Host-A and Host-B.
> - And set "forwarding = 1" on A&B
> - and set ip6tables rule like this:
> - ip6tables -t nat -A POSTROUTING -p tcp -s
> 2400:da00:e006:5e01::/64 -o xgbe1 -j MASQUERADE
> - But:
> - I can find packets on vxlan device on Host-A.(by "tcpdump -i
> $vxlan_device_name )
> - but, these packtets Just are lost, and not NATed , and not
> routed to POSTROUTING
> - "ip6tables -t nat -nvL" show that there are nothing pkts passed.
>
>
> what can do for this? I don't kown how to solve it or analyze it.
>
> ---
> shuchao.max
