mirror of
https://github.com/toreanderson/clatd
synced 2026-03-01 19:34:53 +00:00
f0d7c09adf
This moves the route for IPv6 traffic from the PLAT to the CLAT into a separate routing table, and uses the Linux kernel's routing policy framework to redirect traffic into this routing table. This makes it possible to set `clat-v6-addr` to an address also used by the main host OS, removing the requirement for having a dedicated secondary address assigned to the CLAT. Additionally, support using nftables to set a connection tracking mark on outbound connections from the CLAT, and ensuring only return traffic matching that mark is returned back to the CLAT. This makes it possible for the CLAT to share an IPv6 address with the main host OS without breaking connectivity to DNS64-synthesised IPv6 addresses. The trade-off of using a connection tracking mark is that the CLAT can not receive unsolicited traffic from the IPv4 Internet via the PLAT. However in the common case, where the PLAT is Stateful NAT64, that is the case no matter what. Closes #25.
2.1 KiB
2.1 KiB