ndproxy - add cloud example and refer to it in ipv6 document #717
Conversation
|
@AdSchellevis I've tested this but I had to change two things to make it work:
Afterwards my client with the ULA could ping the internet. All in all this setup seems pretty promising as it eliminates most of the pain points of using the GUA on the LAN side. Thank you. |
|
@Monviech it might be the case that my wan was in promisc as I installed the package from the repo on our end. just to be sure, did you reboot the machine (clean state) to validate if the lan mac doesn't work? In my setup it didn't make much of a difference, but I may have to check the source to understand what they actually try to do there. |
|
I think it should be wan in our case indeed as we try to update the ND database from our wan end, ref https://github.com/AlexandreFenyo/ndproxy/blob/dd93a2498569dff70e5c2654f51cc196e64d8300/ndpacket.c#L363 According to the source, they need promisc in order for the proxy to work In theory we should only need a limited "proxy" feature, which registers the addresses we use on our end (actually the mapped ones from the local net), I'll update the doc and retest it on my end. Still not a huge fan of this stuff, the code doesn't look very well organized in my humble opinion, but having a option which fits sane architectural choices beats having none in suppose. |
|
It would still be pretty cool if the code would only join the needed multicast groups selectively, which I think would remove the need for promisc or allmulti. The kernel should be able to handle this natively. EDIT: But yeah, reading the source they make it pretty clear... |
|
To some degree it would make sense if the kernel could handle this, but realistically, this isn't very different from how Searching google a bit, seems to suggest it's roughly the same on linux (https://github.com/setaou/ndp-proxy) |
AdSchellevis
force-pushed
the
ndproxy_cloud_ndp
branch
from
e9132e3 to
ca701e7
Compare
Add an example where ndproxy can be of use