[lxc-users] ZeroTier Docker IPv6 6plane for LXD

Fri Jul 29 08:04:53 UTC 2016

On Fri, Jul 29, 2016 at 09:48:10AM +0200, Janjaap Bos wrote:
> Thank you for the feedback!
> 
> I manually changed LXD_IPV6_ARG in /usr/lib/lxd/lxd-bridge to
> 
> LXD_IPV6_ARG="--enable-ra --dhcp-range=::1, ::e825:FFFF,
> constructor:lxdbr0, ra-names, 12h --listen-address ${LXD_IPV6_ADDR}"
> 
> However, dnsmasq requires a minimal prefix of /64:
> dnsmasq: bad command line options: prefix length must be at least 64
> 
> This requirement is also documented in its man page.
> 
> So I think the easiest would be to manually set the ip in the container.
> 
> Is it possible to provide the contents
> of /etc/network/interfaces.d/50-cloud-init.cfg through lxd as a config
> option or parameter per container?

You may be able to do this through cloud-init, by setting the
user.user-data key. The difficulty being that cloud-init run after the
network has been brought up, so you'd have to have cloud-init bounce it
after you've changed the configuration.

> 
> Regards.
> 
> -Janjaap
> 
> 
> 2016-07-28 22:44 GMT+02:00 Stéphane Graber <stgraber at ubuntu.com>:
> 
> > On Thu, Jul 28, 2016 at 05:17:13PM +0200, Janjaap Bos wrote:
> > > Hi,
> > >
> > > I am trying to configure 6plane mode for LXD.
> > >
> > > For background on 6plane see:
> > >
> > https://www.zerotier.com/community/topic/67/zerotier-6plane-ipv6-addressing
> > >
> > > I am able to configure a /80 network for the LXD, and also the manual
> > > configuration at the containers to assign an IPv6 number from that subnet
> > > and set the route.
> > >
> > > However, I am not able to configure LXD to provide DHCPv6 service to the
> > > container in this subnet.
> > >
> > > I would much appreciate guidance on how to configure LXD to provide auto
> > > assigned IPv6 addresses from its subnet to the containers.
> > >
> > >
> > > My settings for IPv6 in /etc/default/lxd-bridge:
> > >
> > > ## IPv6 address (e.g. 2001:470:b368:4242::1)
> > > LXD_IPV6_ADDR="fca0:4ab7:4617:1cf5:3ad6::1"
> > >
> > > ## IPv6 CIDR mask (e.g. 64)
> > > LXD_IPV6_MASK="80"
> > >
> > > ## IPv6 network (e.g. 2001:470:b368:4242::/64)
> > > LXD_IPV6_NETWORK="fca0:4ab7:4617:1cf5:3ad6::1/80"
> > >
> > > ## NAT IPv6 traffic
> > > LXD_IPV6_NAT="false"
> > >
> > > # Run a minimal HTTP PROXY server
> > > LXD_IPV6_PROXY="false"
> > >
> > >
> > > Regards,
> > >
> > > -Janjaap
> >
> > Currently our dnsmasq setup only does SLAAC (stateless address
> > auto-configuration). That means, it announces the prefix using multicast
> > or on request and the kernel then computes an IPv6 address from the
> > container based from that.
> >
> > That computation is done using EUI64 which generates a unique IPv6
> > address from the MAC address, using a 64-bit network prefix.
> >
> > Since your network is a /80 which is smaller than a /64, it's simply not
> > possible for EUI64 to work which is why your containers aren't getting
> > an IP address.
> >
> >
> > I suspect you may have to reconfigure dnsmasq by hand to do full
> > stateful DHCPv6 and then will have to configure your containers to
> > actually do DHCPv6 as none of the images we provide do so (they all do
> > SLAAC fine though).
> >
> >
> > --
> > Stéphane Graber
> > Ubuntu developer
> > http://www.ubuntu.com
> >
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> >

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160729/fa69336d/attachment.sig>