| 24 Jun 2025 |
 emily | I like Tundra's thing where it does stateless NAT64 by relying on the kernel NAT66 to service multiple hosts | 12:57:52 |
| emily | I think you could ideally do BPF + kernel NAT66 for that | 12:58:12 |
| emily | https://github.com/systemd/systemd/issues/23674#issuecomment-2625544068 is my source for in-kernel CLAT being worked on | 12:59:27 |
| emily | as of half a year ago | 12:59:29 |
| emily | but it looks like it's been taking a while :) | 12:59:46 |
| emily | https://gist.github.com/danderson/664bf95f372acf106982bcc29ff56b53 outlines a very simple in-kernel design that would plug into NAT66 to do the whole thing | 13:00:22 |
| emily | I think something like that would be ideal if the kernel is willing to take it, since it would simplify things greatly | 13:00:39 |
| emily | I'm hoping to play around with the options here soon since I would like to make my home network v6-only | 13:01:27 |
 hexa (clat on linux when) | my wifi has been ipv6-mostly (https://www.ietf.org/archive/id/draft-link-v6ops-6mops-00.html) and internet connectivity regularly breaks for my android | 13:02:36 |
| hexa (clat on linux when) | I once debugged this down to it dropping out of the neighbor discovery group during sleep | 13:02:56 |
| emily | (on the NAT64 translator end mostly, since I do not yet have Linux clients connecting directly to the network and macOS and Android both do it OOTB, but if I play around with the BPF stuff or Tundra it should generalize) | 13:03:36 |
| hexa (clat on linux when) | and we reported this back when I was on a Pixel 3a … during early covid maybe? | 13:03:44 |
| hexa (clat on linux when) | * and we reported this to the Android team back when I was on a Pixel 3a … during early covid maybe? | 13:03:54 |
| emily | I was on a Pixel 3 last year… 🤪 | 13:04:13 |
| emily | that's annoying though | 13:04:29 |
| emily | I thought Android was pretty good at v6 at this point | 13:04:40 |
| emily | is it specifically that it forgets it's v6-only? | 13:04:49 |
| hexa (clat on linux when) | it drops multicast/broadcast frames while asleep | 13:05:14 |
| hexa (clat on linux when) | so dhcp renewals work, but ndp breaks | 13:05:38 |
| emily | my hope is that I can tier things like v6 only and CLAT expected → v6 only and DNS64 server advertised → dual stack | 13:05:49 |
| hexa (clat on linux when) | https://mailarchive.ietf.org/arch/msg/ipv6/QgHnYoT8-ur4epJHUNflrsh7sA4/ | 13:05:54 |
| emily | and hopefully delay introducing the latter two as long as possible | 13:05:55 |
| hexa (clat on linux when) |
NOTE: some good access points do b/mcast to unicast conversion, and
send everything as unicast. This is much more common in enterprise
wifi gear. This solves the mcast loss problem entirely.
| 13:06:02 |
| hexa (clat on linux when) | 🤔 | 13:06:07 |
| emily | (well, "CLAT or local DNS64 expected") | 13:06:23 |
| emily | (in some ways the latter is nicer if you can get away with it since you can get rid of kernel v4 stack) | 13:06:35 |
| hexa (clat on linux when) | lol multicast_to_unicast in hostapd | 13:06:57 |
| emily | (but I do not love non-local DNS64 because I still hold on to childish delusions about the end-to-end principle and DNSSEC) | 13:07:00 |
| hexa (clat on linux when) | dns64 is dead | 13:07:09 |
| hexa (clat on linux when) | 464xlat or else | 13:07:14 |
