Connecting RIOT's GNRC with IPv4

RIOT’s default network stack GNRC currently only supports IPv6 (which is a sane and future-proof choice for an IoT-focussed network stack. However, unfortunately some services in the Internet are still only accessible via legacy IP. (Azure IoT Hub, for instance.)

Hence, in order to connect a RIOT powered device to such a legacy service, you can either opt for LWIP (and miss many of GNRC’s great features) or use NAT64 to translate between IPv6 and IPv4.

For the second solution, all you need is a device that acts as a NAT64 gateway. You can, for instance, choose any Linux device (e.g., a Raspberry Pi or your regular Linux PC/laptop) and install one of the NAT64 packages like tayga or jool. In the following, I’ll go with Tayga and show how you can connect a RIOT native instance via GNRC to an IPv4 network:

1. Configure tayga via its config file (typically in /etc/tayga.conf or /usr/etc/tayga.conf:

   tun-device nat64
   ipv4-addr 192.168.178.224
   ipv6-addr fd12:dead:beef::4107
   prefix 64:ff9b::/96
   dynamic-pool 192.168.178.224/28
   data-dir /var/spool/tayga
   

   In this case, I assume that the IPv4 prefix used by router is 192.168.178.0/24 and address from 192.168.178.224/28 are not going to be assigned to any host in your network.

2. Start tayga and make sure that forwarding is enabled for IPv4 and IPv6:

   sudo /usr/sbin/tayga --mktun
   sudo /sbin/sysctl net.ipv6.conf.all.forwarding=1
   sudo /sbin/sysctl net.ipv4.conf.all.forwarding=1
   sudo /sbin/ip addr add 192.168.178.224/27 dev nat64
   sudo /sbin/ip link set nat64 up
   sudo /sbin/ip -6 route add 64:ff9b::/96 dev nat64
   sudo /sbin/sysctl net.ipv4.conf.eth0.proxy_arp=1
   sudo /usr/sbin/tayga
   

3. Navigate to your RIOT directory and create a bridge interface without uplink via

   sudo dist/tools/tapsetup/tapsetup
   

4. Add an ULA address to the bridge interface, e.g.:

   sudo ip address add fd12:dead:beef::1/64 dev tapbr0
   

5. Start a RIOT instance with GNRC support, e.g.:

   make -C examples/gnrc_networking all term
   

6. Add an ULA address to native’s interface, e.g.:

   ifconfig 6 add fd12:dead:beef::200/64
   

7. Configure the bridge interface as default gateway on RIOT, e.g.:

   nib route add 6 :: fd12:dead:beef::1
   

8. Check if pinging of nat64 addresses works, e.g.,

   ping 64:ff9b::8c52:7904
   

9. Happy networking!

Categories: ["riot"]