At present, there are configuration options about nptv6 in vyos version, but they seem to have no effect. Does anyone know how to implement this feature.
Referring to H3C, nptv6 is also called nat66 technology. In fact, it is SNAT and DNAT implemented by IPv6. Different from IPv4, nat66 only supports 1-to-1 mapping of routing prefix, which will provide vyos with nat66 experimental support supporting SNPT and DNPT. This implementation needs to be tested. Please summarize all bugs and modification suggestions under this task for tracking.
set nat66 source rule <ruleid> description <description>
set nat66 source rule <ruleid> disable
set nat66 source rule <ruleid> log
set nat66 source rule <ruleid> source prefix <prefix>
set nat66 source rule <ruleid> translation prefix <prefix>|masquerade
set nat66 destination rule <ruleid> description <description>
set nat66 destination rule <ruleid> disable
set nat66 destination rule <ruleid> log
set nat66 destination rule <ruleid> destination address <ipv6-address>
set nat66 destination rule <ruleid> translation address <ipv6-address>
I refer to the configuration structure of H3C. In the original command structure, nptv6 does not support the division of SNAT and DNAT. In order to implement nat66, I separated it for the following reasons:
1. I can modify it according to the existing script of NAT, and I can modify it less nat.py , I created nat66 and the independent `nftables-nat66.tmpl` to complete the implementation of nat66.
2. It can fully support the configuration of SNPT and DNPT in nat66. If users do not need SNPT or DNPT, it should not take effect by default.
Note: since I am in China, I said that the H3C device document I read is in Chinese, so I didn't want to put it up at first, because it may increase your reading difficulty. If you can, please refer to (H3C supports English version, but I haven't found the corresponding page of English version for the moment).
My initial implementation of npt is in: