|
# Uncomment the next line to enable packet forwarding for IPv4 |
|
net.ipv4.ip_forward=1 |
|
# Uncomment the next line to enable packet forwarding for IPv6 |
|
net.ipv6.conf.all.forwarding=1 |
|
# TUN device that TAYGA will use to exchange IPv4 and IPv6 packets with the |
|
# kernel. You may use any name you like, but `nat64' is recommended. |
|
|
|
tun-device nat64 |
|
|
|
# TAYGA's IPv4 address. This is NOT your router's IPv4 address! TAYGA |
|
# requires its own address because it acts as an IPv4 and IPv6 router, and |
|
# needs to be able to send ICMP messages. TAYGA will also respond to ICMP |
|
# echo requests (ping) at this address. |
|
# |
|
# This address can safely be located inside the dynamic-pool prefix. |
|
# |
|
# We're using the pool 100.65.0.0/16, so lets take the first addr in that pool |
|
# |
|
# Mandatory. |
|
# |
|
ipv4-addr 100.65.0.1 |
|
|
|
# |
|
# TAYGA's IPv6 address. This is NOT your router's IPv6 address! TAYGA |
|
# requires its own address because it acts as an IPv4 and IPv6 router, and |
|
# needs to be able to send ICMP messages. TAYGA will also respond to ICMP |
|
# echo requests (ping6) at this address. |
|
# |
|
# Optional if the NAT64 prefix is specified, otherwise mandatory. It is also |
|
# mandatory if the NAT64 prefix is 64:ff9b::/96 and ipv4-addr is a private |
|
# (RFC1918) address. |
|
# |
|
# This is set to our system's public IP address to match /etc/netplan/01-netcfg.yaml |
|
|
|
ipv6-addr 2620:13B:0:1000::4 |
|
|
|
# |
|
# The NAT64 prefix. The IPv4 address space is mapped into the IPv6 address |
|
# space by prepending this prefix to the IPv4 address. Using a /96 prefix is |
|
# recommended in most situations, but all lengths specified in RFC 6052 are |
|
# supported. |
|
# |
|
# This must be a prefix selected from your organization's IPv6 address space |
|
# or the Well-Known Prefix 64:ff9b::/96. Note that using the Well-Known |
|
# Prefix will prohibit IPv6 hosts from contacting IPv4 hosts that have private |
|
# (RFC1918) addresses, per RFC 6052. |
|
# |
|
# The NAT64 prefix need not be specified if all required address mappings are |
|
# listed in `map' directives. (See below.) |
|
# |
|
# Optional. |
|
# |
|
# 64:ff9b is the standard prefix used by public DNS64 servers |
|
prefix 64:ff9b::/96 |
|
|
|
# |
|
# Dynamic pool prefix. IPv6 hosts which send traffic through TAYGA (and do |
|
# not correspond to a static map or an IPv4-translatable address in the NAT64 |
|
# prefix) will be assigned an IPv4 address from the dynamic pool. Dynamic |
|
# maps are valid for 124 minutes after the last matching packet is seen. |
|
# |
|
# If no unassigned addresses remain in the dynamic pool (or no dynamic pool is |
|
# configured), packets from unknown IPv6 hosts will be rejected with an ICMP |
|
# unreachable error. |
|
# |
|
# Optional. |
|
# |
|
# We picked this out of the carrier grade NAT 100.64.0.0/10 pool. |
|
# Not that it particularly matters. This pool of addresses never leaves this host |
|
# |
|
dynamic-pool 100.65.0.0/16 |
|
|
|
# |
|
# Persistent data storage directory. The dynamic.map file, which saves the |
|
# dynamic maps that are created from dynamic-pool, is stored in this |
|
# directory. Omit if you do not need these maps to be persistent between |
|
# instances of TAYGA. |
|
# |
|
# Optional. |
|
# |
|
data-dir /var/spool/tayga |