NAT64 on VRRP IP

Bugs
1

Hello everyone,

I have an IPv6 mostly network.
I’m trying to do nat64 for a specific host with a specific v4 address (I already have nat64 working).
Let’s say that the following IPv4 is part of my “IPV4” VRRP group : 1.1.1.1
It’s currently unused.

Here what I’m doing :

set nat64 source rule 50 source prefix '2001:db8:e00:e310::6/128'  
set nat64 source rule 50 translation pool 50 port '1-65535'
set nat64 source rule 50 translation pool 50 address '1.1.1.1'

However, when I commit, I get the following error :

[ nat64 ]
Traceback (most recent call last):
  File "/usr/libexec/vyos/services/vyos-configd", line 145, in run_script
    script.verify(c)
  File "/usr/libexec/vyos//conf_mode/nat64.py", line 73, in verify
    if is_node_changed(config, base_src + [f"instance-{num}", "mode"]):
                       ^^^^^^
NameError: name 'config' is not defined

[[nat64]] failed
Commit failed

I’m not sure if I’m doing something unexpected, or if it’s a bug in VyOS (1.5-rolling-202506191352).

Don’t hesitate to ping me if you know :slight_smile: !

2

It is a bug in your image version, as it was not built by our team. Official builds do not have this bug.

With your provided config:

vyos@r14# set nat64 source rule 50 source prefix '2001:db8:e00:e310::6/128'  
[edit]
vyos@r14# set nat64 source rule 50 translation pool 50 port '1-65535'
[edit]
vyos@r14# set nat64 source rule 50 translation pool 50 address '1.1.1.1'
[edit]
vyos@r14# commit
[ nat64 ]
Source NAT64 rule 50 source prefix must be /96
[[nat64]] failed
Commit failed
[edit]
vyos@r14# 
[edit]
vyos@r14# run show ver
Version:          VyOS 2025.06.24-0020-rolling
Release train:    current
Release flavor:   generic

Built by:         [email protected]
Built on:         Tue 24 Jun 2025 00:20 UTC
Build UUID:       e9dff867-16c0-4cd1-ae14-e552e3c6abd7
Build commit ID:  3222553a260ae5
3

Hello @Viacheslav ,
Thanks for your quick answer. I’ve switched to the official build and I can confirm that I still get the error :

cchristiaens@r1-test:~$ sh version
Version:          VyOS 2025.06.24-0020-rolling
Release train:    current
Release flavor:   generic

Built by:         [email protected]
Built on:         Tue 24 Jun 2025 00:20 UTC
Build UUID:       e9dff867-16c0-4cd1-ae14-e552e3c6abd7
Build commit ID:  3222553a260ae5

[...]

Copyright:        VyOS maintainers and contributors
cchristiaens@r1-test:~$ conf
[edit]
cchristiaens@r1-test# set nat64 source rule 50 source prefix '2001:db8:e00:e310::6/128'
[edit]
cchristiaens@r1-test# set nat64 source rule 50 translation pool 50 address '1.1.1.1'
[edit]
cchristiaens@r1-test# set nat64 source rule 50 translation pool 50 port '1-65535'
[edit]
cchristiaens@r1-test# commit
[ nat64 ]
Traceback (most recent call last):
  File "/usr/libexec/vyos/services/vyos-configd", line 145, in run_script
    script.verify(c)
  File "/usr/libexec/vyos//conf_mode/nat64.py", line 73, in verify
    if is_node_changed(config, base_src + [f"instance-{num}", "mode"]):
                       ^^^^^^
NameError: name 'config' is not defined

[[nat64]] failed
Commit failed

For more context, I also have these rules in place (meant to be the default v4 IP) :

set nat64 source rule 100 source prefix '64:ff9b::/96'
set nat64 source rule 100 translation pool 10 address '2.2.2.2'
set nat64 source rule 100 translation pool 10 port '1-65535'
4

The host mapping is not implemented.