I’m trying to setup ipv6 for a debian node with openvz kernel. First step is setting up the host node to use ipv6. The next step is to create ipv6-only containers. For my experiment, I chose Dacentec dedicated server. Dacentec is a great provider with a lot of choices in the budget dedicated server segment.
A /48 ipv6 block is an optional free addon for the server.
After opening a support ticket, I received the following details:
Network 2607:5400:048d:0000::/48 Gateway 2607:5400:048d:0000::1/48
ssh into the server and check the interfaces file:
cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth2
iface eth2 inet static
address 148.126.187.10
netmask 255.255.255.248
network 148.126.187.8
broadcast 148.126.187.15
gateway 148.126.187.9
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 199.255.156.3
dns-search droidzone.in
up ip addr add 148.126.187.14 dev eth2
up ip addr add 148.126.187.12 dev eth2
up ip addr add 148.126.187.13 dev eth2
Here, 148.126.187.10 is the primary address of the host node. 148.126.187.12, 148.126.187.13 and 148.126.187.14 are additional IPv4s that I purchased to set up containers. Anyway this is not relevant, as we’re currently attempting to create ipv6-only containers.
Dacentec provided me the following /48 ipv6 block:
Network 2107:5200:058d:0000::/48 Gateway 2107:5200:058d:0000::1/48
I then modified my file:
emacs /etc/network/interfaces
and added the following:
iface eth2 inet6 static address 2107:5200:058d:0000::2 netmask 64 up ip -6 route add default via 2107:5200:058d:0000::1 dev eth2 down ip -6 route del default via 2107:5200:058d:0000::1 dev eth2
The final file looks like this:
auto lo
iface lo inet loopback
allow-hotplug eth2
iface eth2 inet static
address 148.126.187.10
netmask 255.255.255.248
network 148.126.187.8
broadcast 148.126.187.15
gateway 148.126.187.9
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 199.255.156.3
dns-search droidzone.in
up ip addr add 148.126.187.14 dev eth2
up ip addr add 148.126.187.12 dev eth2
up ip addr add 148.126.187.13 dev eth2
iface eth2 inet6 static
address 2107:5200:058d:0000::2
netmask 64
up ip -6 route add default via 2107:5200:058d:0000::1 dev eth2
down ip -6 route del default via 2107:5200:058d:0000::1 dev eth2
Now do the following:
ipdown eth2 && ifup eth2
If you do just a ipdown eth2, you’ll find that your ssh shell exists, and you’ll no longer be able to connect to it. Only a restart will solve it, unless you have a KVM or IPMI to bring back the interface online.
Next up:
Creating ipv6-only containers
Creating ipv6-only containers
With the above configuration, I then added the ip address pool from 2107:5200:058d:0000::4 to 2107:5200:058d:0000::10, to the OpenVZ web panel. Alternately, you can use Promox or the command line vzctl tool.
Then I created a vps, assigning the ip: 2107:5200:058d:0000::4.
I entered the container from the node with:
vzctl enter 2
Edited resolv.conf to have the following:
nameserver 2001:4860:4860::8888
I found that I could not ping ipv4 addresses any more, but could ping ipv6 with ease:
# ping6 ipv6.google.com PING ipv6.google.com(yv-in-x71.1e100.net) 56 data bytes 64 bytes from yv-in-x71.1e100.net: icmp_seq=1 ttl=54 time=9.77 ms 64 bytes from yv-in-x71.1e100.net: icmp_seq=2 ttl=54 time=9.74 ms 64 bytes from yv-in-x71.1e100.net: icmp_seq=3 ttl=54 time=9.74 ms
To add ipv6 addresses to containers,
Edit /etc/sysctl.conf so that it contains:
net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.forwarding = 1 net.ipv4.conf.default.proxy_arp = 0 net.ipv6.conf.default.proxy_ndp = 1 net.ipv6.conf.all.proxy_ndp = 1
The final file contains:
net.ipv4.ip_forward=1 net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.forwarding = 1 net.ipv4.conf.default.proxy_arp = 0 net.ipv6.conf.default.proxy_ndp = 1 net.ipv6.conf.all.proxy_ndp = 1 net.ipv4.conf.all.rp_filter = 1 kernel.sysrq = 1 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.all.send_redirects = 0
Activate the new configuration with:
sysctl -p
Now you can assign ipv6 to containers with:
vzctl set <VEID> --ipadd 2107:xxx:xxx::xxx --save
You can enter the vm with
vzctl enter <VEID>
Now, add an ipv6 dns to resolv.conf:
vi /etc/resolv.conf
nameserver 2001:4860:4860::8888
Joel G Mathew, known in tech circles by the pseudonym Droidzone, is an opensource and programming enthusiast.
He is a full stack developer, whose favorite languages are currently Python and Vue.js. He is also fluent in Javascript, Flutter/Dart, Perl, PHP, SQL, C and bash shell scripting. He loves Linux, and can often be found tinkering with linux kernel code, and source code for GNU applications. He used to be an active developer on XDA forums, and his tinkered ROMS used to be very popular in the early 2000s.
His favorite pastime is grappling with GNU compilers, discovering newer Linux secrets, writing scripts, hacking roms, and programs (nothing illegal), reading, blogging. and testing out the latest gadgets.
When away from the tech world, Dr Joel G. Mathew is a practising ENT Surgeon, busy with surgeries and clinical practise.