NPtv6 reverse rule

Started by darkfire, May 12, 2024, 10:32:12 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 12, 2024, 10:32:12 PM
I use NPtv6 to convert the prefix 2001:db8::/48 delegated by the ISP to my ULA addresses fc00::/48. This works as expected.

But when I ping from fc00::1 (internal) an IP address on the delegated prefix it does not work. With pfsense the same setup works but I guess the reason is the binat rules:

opnsense:
Code Select
pfctl -v -s nat | grep binat
binat on external inet6 from fc00::/48 to any -> 2001:db8::/48

pfsense:
Code Select
pfctl -v -s nat | grep binat
binat on em0 inet6 from fc00::/48 to any -> 2001:db8::/48
binat on em0 inet6 from any to 2001:db8::/48 -> fc00::/48    <---- missing on opnsesne

unfortunately I can't check this because I can't create a nat rule on the cli. Does anyone have any ideas on how to solve the problem?
May 13, 2024, 09:06:26 AM #1
Browsing through github I found this pull request from 2021 that removed the reverse binat rule:

https://github.com/opnsense/core/pull/4962

Here is the discussion:

https://github.com/opnsense/core/issues/4879
Hardware:
DEC740
Print
Go Up Pages1
User actions