mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
The original server operated by the Mastodon gGmbH non-profit

Administered by:

Server stats:

323K
active users

Ondřej Caletka

@goetz Thanks for the feedback! I was not aware there is a (minimal) UCI integration done for Jool - it was not there before.

There's still issue with running Jool in the main network namespace as it is not controllable by firewall rules, does not translate locally-generated traffic, fights over dynamic port numbers and needs to be reconfigured every time the public IPv4 changes. This is all resolved by running in a namespace.

I may look into improving the integration to support namespaces.

@goetz Also, NAT64 alone only fixes part of the problem, you still have to deal with jurassic IP literals which is where xLAT + all companion features come in

@UnderEu thanks for the heads up. Yes, DNS64 is needed here for most use cases, for devices not utilizing CLAT or similar. The unbound or AdguardHome to the rescue. Only a few edge cases remain, but this is for another day.

@Oskar456 Thank you for the explanation.
If you allow, I would like to integrate your tutorial into the #openwrt wiki?
As you describe the current minimal example has this short commings.

@Oskar456 reading your slides again, it's clearly there:
"Stealing packets in the PREROUTING, injecting translated
packets into POSTROUTING
- Hard to enforce firewall rules
- Translation not available for locally generated traffic"

One just needs to read it though. :awesome: