Files for running a NAT64 daemon

## etc_default_tayga
# Defaults for tayga initscript
# sourced by /etc/init.d/tayga
# installed at /etc/default/tayga by the maintainer scripts

# Change this to "yes" to enable tayga
RUN="yes"

# Configure interface and set the routes up
CONFIGURE_IFACE="yes"

# Configure NAT44 for the private IPv4 range
CONFIGURE_NAT44="yes"

# Additional options that are passed to the Daemon.
DAEMON_OPTS=""

# IPv4 address to assign to the NAT64 tunnel device
IPV4_TUN_ADDR=""

# IPv6 address to assign to the NAT64 tunnel device
IPV6_TUN_ADDR=""

## etc_netplan_01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    ens160:
      addresses:
          - 23.152.160.4/26
          - 2620:13b:0:1000::4/64
      gateway4: 23.152.160.1
      gateway6: 2620:13b:0:1000::1
      nameservers:
          search: [ phirephly.design ]
          addresses:
              - "8.8.8.8"
              - "1.1.1.1"

## etc_quagga_bgpd.conf
!
! Zebra configuration saved from vty
!   2019/02/03 15:05:17
!
!
router bgp 4264646464
 bgp router-id 23.152.160.4
 neighbor 2620:13b:0:1000::1 remote-as 7034
 neighbor 2620:13b:0:1000::1 description BGP session back to core1
 no neighbor 2620:13b:0:1000::1 activate
!
 address-family ipv6
 network 64:ff9b::/96
 neighbor 2620:13b:0:1000::1 activate
 neighbor 2620:13b:0:1000::1 prefix-list nat64-only out
 exit-address-family
 exit
!
ipv6 prefix-list nat64-only seq 5 permit 64:ff9b::/96
!
line vty
!

## etc_quagga_zebra.conf
!
! Zebra configuration saved from vty
!   2019/02/03 15:05:17
!
hostname kwfnat64
password zebra
enable password zebra
!
interface ens160
!
interface lo
!
interface nat64
!
ipv6 prefix-list nat64-only seq 5 permit 64:ff9b::/96
!
ip forwarding
ipv6 forwarding
!
!
line vty
!

## etc_sysctl.conf
# ... SNIP the rest of this file except the two important lines

net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1

## etc_tayga.conf
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
net.ipv6.conf.all.forwarding=1
# TUN device that TAYGA will use to exchange IPv4 and IPv6 packets with the
# kernel.  You may use any name you like, but `nat64' is recommended.

tun-device nat64

# TAYGA's IPv4 address.  This is NOT your router's IPv4 address!  TAYGA
# requires its own address because it acts as an IPv4 and IPv6 router, and
# needs to be able to send ICMP messages.  TAYGA will also respond to ICMP
# echo requests (ping) at this address.
#
# This address can safely be located inside the dynamic-pool prefix.
#
# We're using the pool 100.65.0.0/16, so lets take the first addr in that pool
#
# Mandatory.
#
ipv4-addr 100.65.0.1

#
# TAYGA's IPv6 address.  This is NOT your router's IPv6 address!  TAYGA
# requires its own address because it acts as an IPv4 and IPv6 router, and
# needs to be able to send ICMP messages.  TAYGA will also respond to ICMP
# echo requests (ping6) at this address.
#
# Optional if the NAT64 prefix is specified, otherwise mandatory.  It is also
# mandatory if the NAT64 prefix is 64:ff9b::/96 and ipv4-addr is a private
# (RFC1918) address.
#
# This is set to our system's public IP address to match /etc/netplan/01-netcfg.yaml

ipv6-addr 2620:13B:0:1000::4

#
# The NAT64 prefix.  The IPv4 address space is mapped into the IPv6 address
# space by prepending this prefix to the IPv4 address.  Using a /96 prefix is
# recommended in most situations, but all lengths specified in RFC 6052 are
# supported.
#
# This must be a prefix selected from your organization's IPv6 address space
# or the Well-Known Prefix 64:ff9b::/96.  Note that using the Well-Known
# Prefix will prohibit IPv6 hosts from contacting IPv4 hosts that have private
# (RFC1918) addresses, per RFC 6052.
#
# The NAT64 prefix need not be specified if all required address mappings are
# listed in `map' directives.  (See below.)
#
# Optional.
#
# 64:ff9b is the standard prefix used by public DNS64 servers
prefix 64:ff9b::/96

#
# Dynamic pool prefix.  IPv6 hosts which send traffic through TAYGA (and do
# not correspond to a static map or an IPv4-translatable address in the NAT64
# prefix) will be assigned an IPv4 address from the dynamic pool.  Dynamic
# maps are valid for 124 minutes after the last matching packet is seen.
#
# If no unassigned addresses remain in the dynamic pool (or no dynamic pool is
# configured), packets from unknown IPv6 hosts will be rejected with an ICMP
# unreachable error.
#
# Optional.
#
# We picked this out of the carrier grade NAT 100.64.0.0/10 pool.
#   Not that it particularly matters. This pool of addresses never leaves this host
#
dynamic-pool 100.65.0.0/16

#
# Persistent data storage directory.  The dynamic.map file, which saves the
# dynamic maps that are created from dynamic-pool, is stored in this
# directory.  Omit if you do not need these maps to be persistent between
# instances of TAYGA.
#
# Optional.
#
data-dir /var/spool/tayga

## ip_route_sanity_check
kenneth@kwfnat64:~$ ip route
default via 23.152.160.1 dev ens160 proto static
23.152.160.0/26 dev ens160 proto kernel scope link src 23.152.160.4
100.65.0.0/16 dev nat64 scope link
kenneth@kwfnat64:~$ ip -6 route
64:ff9b::/96 dev nat64 metric 1024 pref medium
2620:13b:0:1000::/64 dev ens160 proto kernel metric 256 pref medium
2620:13b:0:1000::/64 dev ens160 proto ra metric 1024 pref medium
fe80::/64 dev ens160 proto kernel metric 256 pref medium
fe80::/64 dev nat64 proto kernel metric 256 pref medium
default proto static metric 1024
	nexthop via 2620:13b:0:1000::1 dev ens160 weight 1
	nexthop via fe80::209:7bff:fe9f:580 dev ens160 weight 1