All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Need help, Getting IPv6 working inside VMs
PrincessOfCats
Member
Hi, I currently have a server with Dacentec. I am currently running VMs behind a VyOS software router.
They gave me a /48 with the network and gateway. The ::1 you see below in the config is the gateway.
Fiddling around, I managed to get IPv6 to work in VyOS with the following config
interfaces {
ethernet eth0 {
address <address removed>
address <address removed>:4CC::2/48
duplex auto
firewall {
in {
name eth0-v4-FWD
}
local {
name eth0-v4-IN
}
}
smp_affinity auto
speed auto
}
ethernet eth1 {
address 10.5.0.1/16
address <address removed>:4CC:babe::1/64
duplex auto
firewall {
local {
name eth1-v4-IN
}
}
ipv6 {
router-advert {
name-server <address removed>:4CC:babe::1
prefix <address removed>:4CC:babe::/64 {
}
send-advert true
}
}
smp_affinity auto
speed auto
}
}
protocols {
static {
route6 ::/0 {
next-hop <address removed>:4CC::1 {
}
}
}
}
There is no firewall on for v6, I will enable that later when I get this working.
At the moment, VMs are connected to a bridge (eth1), and are receiving their proper ipv6 addresses via router adverts.
However, v6 traffic sent by the VMs don't seem to make it back quite right.
On a MTR from the VMs, the VMs can get to eth1, but nothing beyond that.
On a MTR from the web to the VM, the traffic drops off right before the VM. The first screenshot is to :4CC::2, while the second screenshot is to a VM.
Comments
That was a pain, it took me a while to get IPv6 working both ways under Dacentec. I could tell you what I did and it might help (I was using vanilla KVM)?
I setup my host to act as the gateway (taking 2607:XXX:XXX:1::1 for it's self).
iface eth0 inet6 static address 2607:XXX:XXX:1::1 netmask 128 gateway 2607:XXX:XXX::1I enabled forwarding under IPv6 which disables accept_ra. I re-enabled it via setting 2. Then to allow packets to be proxied via the gateway I enabled proxy_ndp.
I setup up my bridge to use my host as the gateway taking the IPv6 /48 subnet.
iface br0 inet6 static address 2607:XXX:XXX:1::1 netmask 48I setup up the neigh proxy so that I could get packets to hit my host through 2607:XXX:XXX:1::1.
up ip -6 neigh add proxy 2607:XXX:XXX:1::100 dev eth0 up ip -6 neigh add proxy 2607:XXX:XXX:1::101 dev eth0 up ip -6 neigh add proxy 2607:XXX:XXX:1::102 dev eth0Then finally I setup my routes to get from my gateway to my VM's.
up ip -6 route add 2607:XXX:XXX:1::100 dev br0 up ip -6 route add 2607:XXX:XXX:1::101 dev br0 up ip -6 route add 2607:XXX:XXX:1::102 dev br0Without the routes I was able to access the VM over IPv6 if I pinged the gateway.
Thanks!
You've pointed me in the right direction. I enabled forwarding/ra/ndp on VyOS, then I went to add the VM addresses via neighbor proxy. The entire setup runs on Proxmox with VyOS being the firewall. The VMs are running on a private bridge that is attached to VyOS.
Quite irritating just to get ipv6 support on the VMs though.
Edit:
Found an app named Ndppd which automatically manages the proxying. Works fine, new VMs get connection to ipv6 instantly.
Hi there, I realise this is a very old thread now, but I'm currently fighting a similar battle with a hypervisor running in OVH with their questionable IPv6 offering.
If by any chance you are still running this config would you mind sharing your working config for VyOS? Thanks!