1*20137395SAndrew Geissler# 2*20137395SAndrew Geissler# Sample configuration file for TAYGA 0.9.2 3*20137395SAndrew Geissler# 4*20137395SAndrew Geissler# Modify this to use your own addresses!! 5*20137395SAndrew Geissler# 6*20137395SAndrew Geissler 7*20137395SAndrew Geissler# 8*20137395SAndrew Geissler# TUN device that TAYGA will use to exchange IPv4 and IPv6 packets with the 9*20137395SAndrew Geissler# kernel. You may use any name you like, but `nat64' is recommended. 10*20137395SAndrew Geissler# 11*20137395SAndrew Geissler# This device may be created before starting the tayga daemon by running 12*20137395SAndrew Geissler# `tayga --mktun`. This allows routing and firewall rules to be set up prior 13*20137395SAndrew Geissler# to commencement of packet translation. 14*20137395SAndrew Geissler# 15*20137395SAndrew Geissler# Mandatory. 16*20137395SAndrew Geissler# 17*20137395SAndrew Geisslertun-device nat64 18*20137395SAndrew Geissler 19*20137395SAndrew Geissler# 20*20137395SAndrew Geissler# TAYGA's IPv4 address. This is NOT your router's IPv4 address! TAYGA 21*20137395SAndrew Geissler# requires its own address because it acts as an IPv4 and IPv6 router, and 22*20137395SAndrew Geissler# needs to be able to send ICMP messages. TAYGA will also respond to ICMP 23*20137395SAndrew Geissler# echo requests (ping) at this address. 24*20137395SAndrew Geissler# 25*20137395SAndrew Geissler# This address can safely be located inside the dynamic-pool prefix. 26*20137395SAndrew Geissler# 27*20137395SAndrew Geissler# Mandatory. 28*20137395SAndrew Geissler# 29*20137395SAndrew Geissleripv4-addr 192.168.254.1 30*20137395SAndrew Geissler 31*20137395SAndrew Geissler# 32*20137395SAndrew Geissler# TAYGA's IPv6 address. This is NOT your router's IPv6 address! TAYGA 33*20137395SAndrew Geissler# requires its own address because it acts as an IPv4 and IPv6 router, and 34*20137395SAndrew Geissler# needs to be able to send ICMP messages. TAYGA will also respond to ICMP 35*20137395SAndrew Geissler# echo requests (ping6) at this address. 36*20137395SAndrew Geissler# 37*20137395SAndrew Geissler# You can leave ipv6-addr unspecified and TAYGA will construct its IPv6 38*20137395SAndrew Geissler# address using ipv4-addr and the NAT64 prefix. 39*20137395SAndrew Geissler# 40*20137395SAndrew Geissler# Optional if the NAT64 prefix is specified, otherwise mandatory. It is also 41*20137395SAndrew Geissler# mandatory if the NAT64 prefix is 64:ff9b::/96 and ipv4-addr is a private 42*20137395SAndrew Geissler# (RFC1918) address. 43*20137395SAndrew Geissler# 44*20137395SAndrew Geissler#ipv6-addr 2001:db8:1::2 45*20137395SAndrew Geissleripv6-addr fdaa:bb:1::1 46*20137395SAndrew Geissler 47*20137395SAndrew Geissler# 48*20137395SAndrew Geissler# The NAT64 prefix. The IPv4 address space is mapped into the IPv6 address 49*20137395SAndrew Geissler# space by prepending this prefix to the IPv4 address. Using a /96 prefix is 50*20137395SAndrew Geissler# recommended in most situations, but all lengths specified in RFC 6052 are 51*20137395SAndrew Geissler# supported. 52*20137395SAndrew Geissler# 53*20137395SAndrew Geissler# This must be a prefix selected from your organization's IPv6 address space 54*20137395SAndrew Geissler# or the Well-Known Prefix 64:ff9b::/96. Note that using the Well-Known 55*20137395SAndrew Geissler# Prefix will prohibit IPv6 hosts from contacting IPv4 hosts that have private 56*20137395SAndrew Geissler# (RFC1918) addresses, per RFC 6052. 57*20137395SAndrew Geissler# 58*20137395SAndrew Geissler# The NAT64 prefix need not be specified if all required address mappings are 59*20137395SAndrew Geissler# listed in `map' directives. (See below.) 60*20137395SAndrew Geissler# 61*20137395SAndrew Geissler# Optional. 62*20137395SAndrew Geissler# 63*20137395SAndrew Geissler##prefix 2001:db8:1:ffff::/96 64*20137395SAndrew Geisslerprefix 64:ff9b::/96 65*20137395SAndrew Geissler 66*20137395SAndrew Geissler# 67*20137395SAndrew Geissler# Dynamic pool prefix. IPv6 hosts which send traffic through TAYGA (and do 68*20137395SAndrew Geissler# not correspond to a static map or an IPv4-translatable address in the NAT64 69*20137395SAndrew Geissler# prefix) will be assigned an IPv4 address from the dynamic pool. Dynamic 70*20137395SAndrew Geissler# maps are valid for 124 minutes after the last matching packet is seen. 71*20137395SAndrew Geissler# 72*20137395SAndrew Geissler# If no unassigned addresses remain in the dynamic pool (or no dynamic pool is 73*20137395SAndrew Geissler# configured), packets from unknown IPv6 hosts will be rejected with an ICMP 74*20137395SAndrew Geissler# unreachable error. 75*20137395SAndrew Geissler# 76*20137395SAndrew Geissler# Optional. 77*20137395SAndrew Geissler# 78*20137395SAndrew Geisslerdynamic-pool 192.168.254.0/24 79*20137395SAndrew Geissler 80*20137395SAndrew Geissler# 81*20137395SAndrew Geissler# Persistent data storage directory. The dynamic.map file, which saves the 82*20137395SAndrew Geissler# dynamic maps that are created from dynamic-pool, is stored in this 83*20137395SAndrew Geissler# directory. Omit if you do not need these maps to be persistent between 84*20137395SAndrew Geissler# instances of TAYGA. 85*20137395SAndrew Geissler# 86*20137395SAndrew Geissler# Optional. 87*20137395SAndrew Geissler# 88*20137395SAndrew Geisslerdata-dir /var/spool/tayga 89*20137395SAndrew Geissler 90*20137395SAndrew Geissler# 91*20137395SAndrew Geissler# Establishes a single-host map. If an IPv6 host should be consistently 92*20137395SAndrew Geissler# reachable at a specific IPv4 address, the mapping can be specified in a 93*20137395SAndrew Geissler# `map' directive. (IPv6 hosts numbered with an IPv4-translatable address do 94*20137395SAndrew Geissler# not need map directives.) 95*20137395SAndrew Geissler# 96*20137395SAndrew Geissler# IPv4 addresses specified in the `map' directive can safely be located inside 97*20137395SAndrew Geissler# the dynamic-pool prefix. 98*20137395SAndrew Geissler# 99*20137395SAndrew Geissler# Optional. 100*20137395SAndrew Geissler# 101*20137395SAndrew Geissler#map 192.168.5.42 2001:db8:1:4444::1 102*20137395SAndrew Geissler#map 192.168.5.43 2001:db8:1:4444::2 103*20137395SAndrew Geissler#map 192.168.255.2 2001:db8:1:569::143 104