[lxc-users] LXD Bridged IPv6

Nick Falcone nick at nfalcone.net
Tue Apr 26 18:16:18 UTC 2016 

Thank you, I saw mentions of this and tried it as follows:

I add net.ipv6.conf.all.proxy_ndp=1 to /etc/sysctl.conf and rebooted and
verified it was set to 1.

Then on my host 

ip -6 neigh add proxy 2604:a880:0:1010:216:3eff:fe87:ff20 dev eth0 (wan
port of the vps not the bridge?)

Still no change, do I need to add anything to the container in addition
to the host?

On Tue, Apr 26, 2016, at 08:41 AM, Johan Jonkers wrote:
> Hi,
> 
> I had to set ndp_proxy on my bridge(with sysctl) as well as put in ndp 
> proxy's on the host running the containers, like:
> 
> $ ip -6 neigh add proxy <IPv6 container> dev eth0
> 
> where eth0 is the external nic of the host.
> 
> Hope that helps!
> 
> Johan
> 
> On 25/04/16 14:30, Nick Falcone wrote:
> > root at test9001:~# ip -6 r
> > 2604:a880:0:1010::/64 dev eth0  proto kernel  metric 256  expires
> > 3434sec pref medium
> > fe80::/64 dev eth0  proto kernel  metric 256  pref medium
> > default via fe80::684e:dcff:feae:fd61 dev eth0  proto ra  metric 1024
> > expires 1634sec hoplimit 64 pref medium
> >
> >
> > root at test9001:~# default via fe80::1 dev eth0  metric 1024  pref medium
> >
> >
> > after adding the route you suggested I still get:
> > ip -6 route del default
> > ip -6 route add default via fe80::1 dev eth0
> >  From 2604:a880:0:1010:216:3eff:fe87:ff20 icmp_seq=15 Destination
> > unreachable: Address unreachable
> >
> > On Mon, Apr 25, 2016, at 07:25 AM, Wojciech Arabczyk wrote:
> >> What are your route settings in the container?
> >> ip -6 route show
> >>
> >> Have you tried adding the generic default route via:
> >> ip -6 route add default via fe80::1 dev eth0
> >> on the container itself?
> >>
> >> On 25 April 2016 at 13:11, Nick Falcone <nick at nfalcone.net> wrote:
> >>> In my sysctl.conf I have:
> >>>
> >>> net.ipv4.ip_forward=1
> >>> net.ipv6.conf.all.forwarding=1
> >>>
> >>>
> >>> and just to double check
> >>>
> >>> root at lxdtest:~# sysctl net.ipv4.ip_forward
> >>> net.ipv4.ip_forward = 1
> >>> root at lxdtest:~# sysctl net.ipv6.conf.all.forwarding
> >>> net.ipv6.conf.all.forwarding = 1
> >>>
> >>> On Mon, Apr 25, 2016, at 03:44 AM, Wojciech Arabczyk wrote:
> >>>> Are you sure, you have enabled ipv6 forwarding via sysctl?
> >>>>
> >>>> On 22 April 2016 at 18:10, Nick Falcone <nick at nfalcone.net> wrote:
> >>>>> Hello
> >>>>>
> >>>>> I have been banging my head up against a wall for a few days now trying
> >>>>> to get IPv6 to work across my bridged interface for my containers.
> >>>>>
> >>>>> I have tried different VPS and dedicated servers as well as versions of
> >>>>> Ubuntu 14.04, 15.10, and 16.04 to get this working.  The latest test all
> >>>>> this info is from an Ubuntu 16.04 with the included version of LXD.
> >>>>>
> >>>>> First I install and run lxd init, I configure the bridge like so.
> >>>>>
> >>>>> lxdbr0    Link encap:Ethernet  HWaddr fe:82:af:f0:5d:ce
> >>>>>            inet addr:10.195.87.1  Bcast:0.0.0.0  Mask:255.255.255.0
> >>>>>            inet6 addr: 2604:a880:0:1010::623:2/64 Scope:Global
> >>>>>            inet6 addr: fe80::40c6:84ff:fe18:22fb/64 Scope:Link
> >>>>>            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >>>>>            RX packets:294 errors:0 dropped:0 overruns:0 frame:0
> >>>>>            TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
> >>>>>            collisions:0 txqueuelen:1000
> >>>>>            RX bytes:21612 (21.6 KB)  TX bytes:2127 (2.1 KB)
> >>>>>
> >>>>> This is my host information too
> >>>>>
> >>>>> eth0      Link encap:Ethernet  HWaddr 04:01:d4:50:c4:01
> >>>>>            inet addr:162.243.200.170  Bcast:162.243.200.255
> >>>>>            Mask:255.255.255.0
> >>>>>            inet6 addr: fe80::601:d4ff:fe50:c401/64 Scope:Link
> >>>>>            inet6 addr: 2604:a880:0:1010::623:1/64 Scope:Global
> >>>>>            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >>>>>            RX packets:76258 errors:0 dropped:0 overruns:0 frame:0
> >>>>>            TX packets:8187 errors:0 dropped:0 overruns:0 carrier:0
> >>>>>            collisions:0 txqueuelen:1000
> >>>>>            RX bytes:111074998 (111.0 MB)  TX bytes:1230729 (1.2 MB)
> >>>>>
> >>>>> I launch and enter the first container it has this info:
> >>>>>
> >>>>> eth0      Link encap:Ethernet  HWaddr 00:16:3e:87:ff:20
> >>>>>            inet addr:10.195.87.69  Bcast:10.195.87.255
> >>>>>            Mask:255.255.255.0
> >>>>>            inet6 addr: 2604:a880:0:1010:216:3eff:fe87:ff20/64
> >>>>>            Scope:Global
> >>>>>            inet6 addr: fe80::216:3eff:fe87:ff20/64 Scope:Link
> >>>>>            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >>>>>            RX packets:20 errors:0 dropped:0 overruns:0 frame:0
> >>>>>            TX packets:294 errors:0 dropped:0 overruns:0 carrier:0
> >>>>>            collisions:0 txqueuelen:1000
> >>>>>            RX bytes:2175 (2.1 KB)  TX bytes:25728 (25.7 KB)
> >>>>>
> >>>>> so here I can see slaac is successful, but I cannot ping6
> >>>>> 2604:a880:0:1010::623:1 (the host ipv6), I cannot ping google's public
> >>>>> dns ipv6 either.  I CAN successfully ping6 2604:a880:0:1010::623:2 my
> >>>>> bridge public IPv6.
> >>>>>
> >>>>> Seems like a routing issue, so on the host I add:
> >>>>> ip -6 route add 2604:a880:0:1010:216:3eff:fe87:ff20 dev lxdbr0
> >>>>>
> >>>>>
> >>>>> Still not able to ping6 out.  As a side note IPv4 works great.
> >>>>>
> >>>>> Am I missing something here? I cannot seem to find a lot of docs on this
> >>>>> small part.  I thought to look at the demo containers on
> >>>>> https://linuxcontainers.org/lxd/try-it/ but am unable to ping6 out on
> >>>>> those, is this just a limitation?
> >>>>>
> >>>>> Thanks for any help in advance, would really like to use lxd for a
> >>>>> project.  Also I do not care to redact these real IPs, they belong to a
> >>>>> box only used for getting this working then will be destroyed.
> >>>>> _______________________________________________
> >>>>> lxc-users mailing list
> >>>>> lxc-users at lists.linuxcontainers.org
> >>>>> http://lists.linuxcontainers.org/listinfo/lxc-users
> >>>> _______________________________________________
> >>>> lxc-users mailing list
> >>>> lxc-users at lists.linuxcontainers.org
> >>>> http://lists.linuxcontainers.org/listinfo/lxc-users
> >>> _______________________________________________
> >>> lxc-users mailing list
> >>> lxc-users at lists.linuxcontainers.org
> >>> http://lists.linuxcontainers.org/listinfo/lxc-users
> >> _______________________________________________
> >> lxc-users mailing list
> >> lxc-users at lists.linuxcontainers.org
> >> http://lists.linuxcontainers.org/listinfo/lxc-users
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> 
> 
> -- 
> Johan Jonkers ♦ seecr.nl ♦ +31 (0) 655 734 175
> 
> 
> -- 
> SeecrNews
> ♦ Meer keuze voor voorlezers! 
> <https://blog.seecr.nl/2016/04/25/meer-keuze-voor-voorlezers/>
> ♦ Het beste van twee werelden: Apache Jena + Lucene 
> <https://blog.seecr.nl/2016/04/21/het-beste-van-twee-werelden-apache-jena-lucene/>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

More information about the lxc-users mailing list