netatalk.io

MacIP Gateway

As of Netatalk 4.0.0, we bundle Stefan Bethke’s macipgw daemon in our tarball, enabling you to build and launch it as any other Netatalk daemon.

The macipgw daemon provides a MacIP gateway that allow old Macs to use the MacIP network stack to access TCP/IP resources from a LocalTalk network.

Previously, macipgw was a stand-alone daemon that linked against Netatalk’s libatalk shared library to access the AppleTalk stack and atalkd network management daemon.

In order to use the Mac IP gateway, you need to configure a network tunnel and IPv4 packet forwarding.

On Linux, this can be done with f.e. iptables or nft. On BSD you can use pf or npf*. You may need to set up NAT (Network Address Translation) .

When launching macipgw, choose a subnet address and mask that doesn’t conflict with the rest of your network. For the nameserver, you can use your own or a public DNS server such as Google’s (8.8.8.8 and 8.8.4.4).

If you want to see debug information, launch it with an appropriate debug flag with -d, example below that enables all debug logging.

macipgw -d0x111 -n 8.8.8.8 192.168.151.0 255.255.255.0

Mac client

Make sure your Mac has MacTCP or Open Transport installed. From for instance the TCP/IP control panel, choose the “MacIP” network stack. Let the server assign the IP address. Pick the correct AppleTalk zone if the server is defining one.

Once both the server and client have synchronized with the AppleTalk network, you should see both of them represented in the NBP cache, f.e.:

$ nbplkup 
                  192.168.151.1:IPGATEWAY                          65280.21:72
                          alien:TimeLord                           65280.21:129
                          alien:AFPServer                          65280.21:128
                          alien:netatalk                           65280.21:4
                          alien:Workstation                        65280.21:4
                  192.168.151.2:IPADDRESS                          65280.177:72
                         rescue:AFPServer                          65280.177:253
                         rescue:Workstation                        65280.177:4

When the gateway and tunnel are up and running, you should be able to browse the web or access an AFP-over-TCP server from the Mac.

Caveats

The Linux kernel has a feature called IPDDP which unfortunately filters out the traffic that the MacIP gateway relies on. This feature was removed from the Linux kernel in version 6.7. If you are using an earlier version, you need to recompile your kernel with IPDDP disabled. Later versions of the kernel should work out of the box.

See also

• macipgw manual page
• Example of NAT configuration on Debian Linux, from A2SERVER

This is a mirror of the Netatalk GitHub Wiki. Please visit the original page if you want to correct an error or contribute new contents.

Last updated 2024-10-20