Add support for new ipxlat kernel driver (WIP)

Needs the kernel module from https://codeberg.org/IPv6-Monostack/ipxlat-net-next and user-space utility from https://codeberg.org/IPv6-Monostack/ipxlat. Not functional yet...
Merge pull request #51 from UnderEu/patch-1
2026-03-29 00:45:37 +00:00 · 2026-03-28 12:51:36 +01:00 · 2025-03-23 11:30:06 +01:00 · 2025-03-22 22:10:44 -03:00
1 changed files with 38 additions and 9 deletions
--- a/47
+++ b/47
@@ -42,6 +42,7 @@ $CFG{"clat-v4-addr"} = "192.0.0.1";	# from RFC 7335
 $CFG{"clat-v6-addr"} = "shared";	# re-use primary address from host OS
 $CFG{"dns64-servers"} = undef;		# use system resolver by default
 $CFG{"cmd-ip"} = "ip";			# assume in $PATH
+$CFG{"cmd-ipxlat-ctl"} = "ipxlat-ctl";	# assume in $PATH
 $CFG{"cmd-networkctl"} = "networkctl";	# assume in $PATH
 $CFG{"cmd-nft"} = "nft";		# assume in $PATH
 $CFG{"cmd-tayga"} = "tayga";		# assume in $PATH
@@ -62,6 +63,7 @@ $CFG{"v4-defaultroute-replace"} = 0;	# replace existing v4 defaultroute?
 $CFG{"v4-defaultroute-metric"} = 2048;	# metric for the IPv4 defaultroute
 $CFG{"v4-defaultroute-mtu"} = 1260;	# MTU for the IPv4 defaultroute
 $CFG{"v4-defaultroute-advmss"} = 0;	# TCP MSS for the IPv4 defaultroute
+$CFG{"xlat-engine"} = undef;		# which translation engine to use


 #
@@ -392,7 +394,7 @@ sub get_plat_prefix_from_dns64 {
    p("No PLAT prefix could be discovered, using fallback");
    return $CFG{"plat-fallback-prefix"};
  } else {
-    p("No PLAT prefix could be discovered. Your ISP probably doesn't provide",
+    p("No PLAT prefix could be discovered. Your connection probably doesn't provide",
      " NAT64/DNS64 PLAT service. Exiting.");
    cleanup_and_exit(0);
  }
@@ -666,6 +668,7 @@ sub get_clat_v6_addr {
 #
 my $cleanup_remove_tayga_clat_dev;	# true if having created it
 my $cleanup_remove_nat46_clat_dev;	# true if having created it
+my $cleanup_remove_ipxlat_clat_dev;	# true if having created it
 my $cleanup_delete_taygaconf;		# true if having made a temp confile
 my $cleanup_zero_forwarding_sysctl;	# zero forwarding sysctl if set
 my @cleanup_accept_ra_sysctls;		# accept_ra sysctls to be reset to '1'
@@ -697,6 +700,9 @@ sub cleanup_and_exit {
    print $nat46_control_fh "del ", cfg("clat-dev"), "\n";
    close($nat46_control_fh) or err("close($nat46_control_fh: $!");
  }
+  if(defined($cleanup_remove_ipxlat_clat_dev)) {
+    cmd(\&w, cfg("cmd-ip"), qw(link delete dev), cfg("clat-dev"));
+  }
  if(defined($cleanup_zero_forwarding_sysctl)) {
    d("Cleanup: Resetting forwarding sysctl to 0");
    sysctl("net/ipv6/conf/all/forwarding", 0);
@@ -907,17 +913,31 @@ if(cfgbool("v4-conncheck-enable") and !cfgbool("v4-defaultroute-replace")) {
  d("Skipping IPv4 connectivity check at user request");
 }

-# Let's figure out if there's nat46 kernel module loaded
-my $nat46_controlfile = "/proc/net/nat46/control";
-my $use_nat46 = (-e $nat46_controlfile);

+my $nat46_controlfile = "/proc/net/nat46/control";
+
+#
+# Auto-detect which translation engine to use if not specified in config
+if(!cfg("xlat-engine") and (-e $nat46_controlfile)) {
+  p("Using translation engine: nat46");
+  $CFG{"xlat-engine"} = "nat46";
+} elsif(!cfg("xlat-engine") and can_run(cfg("cmd-ipxlat-ctl"))) {
+  p("Using translation engine: ipxlat");
+  $CFG{"xlat-engine"} = "ipxlat";
+} elsif(!cfg("xlat-engine") and can_run(cfg("cmd-tayga"))) {
+  p("Using translation engine: TAYGA");
+  $CFG{"xlat-engine"} = "tayga";
+} elsif(!cfg("xlat-engine")) {
+  err("No supported translation engine available. Please install TAYGA or ensure ",
+      "either the nat46 or ipxlat kernel modules is loaded.");
+}


 #
 # Write out the TAYGA config file, either to the user-specified location,
 # or to a temporary file (which we'll delete later)
 #
-unless($use_nat46) {
+if(cfg("xlat-engine") eq "tayga") {
  my $tayga_conffile = cfg("tayga-conffile");
  my $tayga_conffile_fh;
  if(!$tayga_conffile) {
@@ -1027,14 +1047,17 @@ close($fd) or err("'ip -6 rule show prio 0 table local' failed");
 # route to the corresponding IPv6 address, and possibly an IPv4 default route
 #
 p("Creating and configuring up CLAT device '", cfg("clat-dev"), "'");
-if($use_nat46) {
+if(cfg("xlat-engine") eq "nat46") {
  my $nat46_control_fh;
  open($nat46_control_fh, ">$nat46_controlfile") or
      err("Could not open nat46 control socket for writing");
  print $nat46_control_fh "add ", cfg("clat-dev"), "\n";
  close($nat46_control_fh) or err("close($nat46_control_fh: $!");
  $cleanup_remove_nat46_clat_dev = 1;
-} else {
+} elsif(cfg("xlat-engine") eq "ipxlat") {
+  cmd(\&err, cfg("cmd-ip"), qw(link add name), cfg("clat-dev"), qw(type ipxlat));
+  $cleanup_remove_ipxlat_clat_dev = 1;
+} elsif(cfg("xlat-engine") eq "tayga") {
  cmd(\&err, cfg("cmd-tayga"), "--config", cfg("tayga-conffile"), "--mktun",
      cfgint("debug") ? "-d" : "");
  $cleanup_remove_tayga_clat_dev = 1;
@@ -1116,7 +1139,7 @@ if(cfg("script-up")) {
 # All preparation done! We can now start nat46 or TAYGA, which will handle the actual
 # translation of IP packets.
 #
-if($use_nat46){
+if(cfg("xlat-engine") eq "nat46") {
  p("Setting up nat46 kernel module");
  my $nat46_control_fh;
  open($nat46_control_fh, ">$nat46_controlfile") or
@@ -1132,7 +1155,13 @@ if($use_nat46){
  $SIG{'INT'} = \&cleanup_handler;
  $SIG{'TERM'} = \&cleanup_handler;
  sleep();
-} else {
+} elsif(cfg("xlat-engine") eq "ipxlat") {
+  cmd(\&err, cfg("cmd-ipxlat-ctl"), cfg("clat-dev"), "pool6", cfg("plat-prefix"));
+  # Nothing more to do here, we just set up a cleanup handler and sleep forever.
+  $SIG{'INT'} = \&cleanup_handler;
+  $SIG{'TERM'} = \&cleanup_handler;
+  sleep();
+} elsif(cfg("xlat-engine") eq "tayga") {
  my $tayga_conffile = cfg("tayga-conffile");
  p("Starting up TAYGA, using config file '$tayga_conffile'");