• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1Provides stateless source IPv6-to-IPv6 Network Prefix Translation (as described
2by RFC 6296).
3.PP
4You have to use this target in the
5.B mangle
6table, not in the
7.B nat
8table. It takes the following options:
9.TP
10\fB\-\-src\-pfx\fP [\fIprefix/\fP\fIlength]
11Set source prefix that you want to translate and length
12.TP
13\fB\-\-dst\-pfx\fP [\fIprefix/\fP\fIlength]
14Set destination prefix that you want to use in the translation and length
15.PP
16You have to use the DNPT target to undo the translation. Example:
17.IP
18ip6tables \-t mangle \-I POSTROUTING \-s fd00::/64 \! \-o vboxnet0
19\-j SNPT \-\-src-pfx fd00::/64 \-\-dst-pfx 2001:e20:2000:40f::/64
20.IP
21ip6tables \-t mangle \-I PREROUTING \-i wlan0 \-d 2001:e20:2000:40f::/64
22\-j DNPT \-\-src-pfx 2001:e20:2000:40f::/64 \-\-dst-pfx fd00::/64
23.PP
24You may need to enable IPv6 neighbor proxy:
25.IP
26sysctl -w net.ipv6.conf.all.proxy_ndp=1
27.PP
28You also have to use the
29.B NOTRACK
30target to disable connection tracking for translated flows.
31