@Oskar456 thank you for your tutorial at #RIPE87 ripe87.ripe.net/wp-content/upl…

What is the advantage of using #jool like this versus the standard tutorial at #openwrt openwrt.org/docs/guide-user/ne…

#nicmx #ipv6 #nat64

@tschaefer What I had in mind was the restriction from RFC6053 section 3.1, where the well known prefix is supposed to reject non-global legacy IP addresses.

I suppose it's not a big issue if Android's CLAT tries to initiate traffic with such a destination, but the #NAT64 gateway is supposed to decline to translate that destination within the well known prefix, if I understand the RFC correctly.

Very nice! I've done something similar for a #k8s cluster that needed #NAT64 translation for its containers. One thing I did have to add was filtering within the namespace, since Jool was unexpectedly translating RFC1918 addresses when using the well-known prefix.

It was unclear to me why Jool was doing that, but all was easily fixed with some reject rules for each of the rfc1918 address subnets.