Implementing 464XLAT at a small WISP
JORDI PALET MARTINEZ
jordi.palet at consulintel.es
Thu Dec 28 10:43:43 UTC 2017
I’ve customers with have 1Gbit FTTH link using LEDE with NAT.
Depending on the hardware (I’m talking about Chinese made routers with cost less than 50 USD) they easily reach 9xx Mbits. It may depend on the chip set, as some LEDE implementations take advantage of hardware NAT.
I’ve tested it myself with iperf, simulating a WAN link to traverse the router in a 2 LAN lab environment. The tests have been done using both, native IPv4 and CLAT (so having only IPv6 in the WAN link).
Regular LEDE stable firmware, in most of the devices, don’t support by default hardware NAT, so you can in those cases, reach 500-600 Mbits, again, depending on specific hardware.
So, I don’t think number of users is an issue.
Not sure if that’s responding your question …
Regards,
Jordi
-----Mensaje original-----
De: Loganaden Velvindron <logan at hackers.mu>
Responder a: <logan at hackers.mu>
Fecha: jueves, 28 de diciembre de 2017, 10:52
Para: <jordi.palet at consulintel.es>
CC: <nanog at nanog.org>
Asunto: Re: Implementing 464XLAT at a small WISP
On Thu, Dec 28, 2017 at 1:11 PM, JORDI PALET MARTINEZ
<jordi.palet at consulintel.es> wrote:
> Nice ;-)
>
> I’ve been doing this for some time already … and have trials with several customers (tens of thousands of customers).
>
> Note that most of the routers that support LEDE (quite a big list), will work by default with a standard stable release.
>
I'm curious about the limits in terms of number of users from running
OpenWRT/LEDE on this kind of gear. Afaik, LEDE or OpenWRT do not have
customer drivers that push a lot of traffic. Often the linux driver
running on the default firmware is developed out of the free.
https://pappp.net/?p=1525
> You mention it, but we use something like for the offload:
> ethtool --offload eth0 gro off lro off
> ethtool --offload eth1 gro off lro off
>
> Also, for the DNS64, I use exclude. It can be improved also to avoid including (in the exclusion) the prefixes for transition mechanisms, such as 2001::/32, 2002::/16, etc.
>
> dns64 64:ff9b::/96 {
> clients { any; };
> mapped { any; };
> exclude { 0::/3; 4000::/2; 8000::/1; 2001:db8::/32; };
> break-dnssec no;
> };
>
> I’ve an ID on this:
>
> https://datatracker.ietf.org/doc/draft-palet-v6ops-464xlat-deployment/
>
>
> I’m working in the next few days in a review of this, so any inputs are welcome!
>
> Regards,
> Jordi
>
> -----Mensaje original-----
> De: NANOG <nanog-bounces at nanog.org> en nombre de Brock Tice <brock at bmwl.co>
> Responder a: <brock at bmwl.co>
> Fecha: jueves, 28 de diciembre de 2017, 1:48
> Para: <nanog at nanog.org>
> Asunto: Implementing 464XLAT at a small WISP
>
> We recently deployed our first half-dozen IPv6-only customers after 6+
> months of testing, using 464XLAT.
>
> It took me ages to sort all this out, so I hope someone finds this
> helpful. Feedback very much welcome.
>
> https://blog.brocktice.com/2017/12/27/deploying-464xlat-for-ipv6-only-clients-on-a-small-wisp-network-with-mikrotik-routers/
>
>
>
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es
> The IPv6 Company
>
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
>
>
>
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
More information about the NANOG
mailing list