NAT464XLAT with CLATD on Ubuntu 18.04 LTS

Posted on by

Prerequirements

  • IPv6 only subnet
  • NAT64 enabled for this IPv6 only subnet [RFC6146]
  • DNS64, could also be a public one, if you’re using the RFC 6052 prefix 64:ff9b::/96 for NAT64
  • Ubuntu 18.04 LTS or newer
  • Linux skills 😉

Netplan is not working corretly after fresh installation, please modify the netplan config file with the following content:

This file describes the network interfaces available on your system
For more information, see netplan(5).
network:
  ethernets:
    ens160:
      accept-ra: yes

After saving apply the netplan config with: netplan apply

Verify if the network interface is up and running with: ifconfig

Unfortunately DNS64 is not running with the DNS proxy which is installed by default.
Use this google DNS servers if you don’t have your own:

  • 2001:4860:4860::6464
  • 2001:4860:4860::64

or use the free NAT64.net from Kasper Dupont.

Disable DNS Proxy using the following commands:

  • sudo systemctl disable systemd-resolved
  • sudo systemctl stop systemd-resolved
  • rm /etc/resolv.conf

Create a new /etc/resolv.conf file with the following content:

nameserver 2001:4860:4860::6464
nameserver 2001:4860:4860::64

Install the Build-Essentials for compiling software:

apt install build-essential tayga

Fork / download the CLATD from source: https://github.com/toreanderson/clatd

git clone https://github.com/toreanderson/clatd

cd clatd

make

make -C clatd install installdeps

OR Install by script:

curl -s https://henschel.network/scripts/deb_clatd | sudo sh

check if service is working:

service clatd status

Output should look like:

root@v6only:~/clatd# service clatd status
● clatd.service – 464XLAT CLAT daemon
Loaded: loaded (/etc/systemd/system/clatd.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2019-10-22 23:35:36 CEST; 12s ago
Docs: man:clatd(8)
Main PID: 21554 (clatd)
Tasks: 2 (limit: 2319)
CGroup: /system.slice/clatd.service
├─21554 /usr/bin/perl -w /usr/sbin/clatd
└─21598 tayga –config /tmp/c93xfCXt_R –nodetach

Oct 22 23:35:47 v6only clatd[21554]: Creating and configuring up CLAT device ‘clat’
Oct 22 23:35:47 v6only clatd[21554]: Created persistent tun device clat
Oct 22 23:35:47 v6only clatd[21554]: Adding IPv4 default route via the CLAT
Oct 22 23:35:47 v6only clatd[21554]: Starting up TAYGA, using config file ‘/tmp/c93xfCXt_R’
Oct 22 23:35:47 v6only tayga[21598]: starting TAYGA 0.9.2
Oct 22 23:35:47 v6only tayga[21598]: Using tun device clat with MTU 1500
Oct 22 23:35:47 v6only tayga[21598]: TAYGA’s IPv4 address: 192.0.0.2
Oct 22 23:35:47 v6only tayga[21598]: TAYGA’s IPv6 address: 64:ff9b::c000:2
Oct 22 23:35:47 v6only tayga[21598]: NAT64 prefix: 64:ff9b::/96
Oct 22 23:35:47 v6only tayga[21598]: Note: traffic between IPv6 hosts and private IPv4 addresses (i.e. to/from 64:ff9b::10.0.0.0/104, 64:ff9b::192.168.0.0/112, etc) will be dropped. Us

Test with legacy IP:

root@v6only:~/clatd# ping 1.1.1.1 -c 3
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=51 time=2.20 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=51 time=2.15 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=51 time=2.19 ms

— 1.1.1.1 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 2.153/2.184/2.203/0.044 ms