Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.8.0 NAT64 and Policy Routing

    Scheduled Pinned Locked Moved NAT
    1 Posts 1 Posters 32 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      brshea
      last edited by

      Happy to find nat64 finally supported in pfSense! I have it working great as an all-default NAT64-checked rule.

      However, despite the docs reporting nat64 supports policy routing, return traffic is not making it back to the client when a Gateway is chosen in the otherwise all-default nat64 rule.

      Here's what I'm doing:

      1. Start with a working nat64 setup.
      2. Modify the nat64 rule and set a non-default Gateway (which does work when sending ipv4 traffic directly to it).

      What I'm seeing:
      Monitoring tcpdump on the gateway's interface shows packets coming from the correct internal source ipv4 (the gateway interface's ip) and to the correct destination ipv4 (so the forward nat64 translation is working). I also see packets being returned from the intended ipv4 destination back to the gateway interface's ip. So the gateway is successfully routing the traffic.

      However, when monitoring tcpdump on the interface where the nat64 rule sits, I only see the internally-originating packets being sent (correctly). The return packets seen above coming back to the gateway interface never make it back to this interface where the nat64 rule is.

      Note: Everything is working as expected without nat64, directing some ipv4 traffic to this gateway via policy routing.

      Does anyone have nat64 with policy routing working?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.