Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Proxmox Ipv6 routed network help need - Anyone please?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Proxmox Ipv6 routed network help need - Anyone please?

Hello!
I have a server where I installed Proxmox and I want to use routed network instead of default one

Here's some information

Server have 1 main IPv4 /32 and 1 Main IPv6 block /48

Example: Main Server IPv4 is 45.255.116.23/32
Main Server IPv6 block is 20ac:4n8a::/48

**Server also have a /24 block IPv4 fully available for this server Which I will use to create VM**

Example: 175.15.250.0/24

What I want?

I want to run the proxmox on routing network where the main IP 45.255.116.23 and an IP from the IPv6 block will use as main server port IP 20ac:4n8a::5/128

And Will use IPs from remaining whole /48 IPv6 + 175.15.250.0/24 for VMs

Here's my server's network config

auto lo
iface lo inet loopback

auto enp1s0f1
iface enp1s0f1 inet static
        address 45.255.116.23/24
        gateway 45.255.116.1
        pointopoint 45.255.116.1
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/enp1s0f1/proxy_arp

iface enp1s0f1 inet6 static
        address 20ac:4n8a::5
        netmask 128
        gateway 20ac:4n8a::1    
        up sysctl -p

iface eno2 inet manual

iface enp1s0f0 inet manual

iface en01 inet manual

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
        address 175.15.250.1/24
        netmask 255.255.255.0
        bridge-ports none
        bridge-stp off
        bridge-fd 0

up route add -host 175.15.250.0/24 dev vmbr0 scope link

iface vmbr0 inet6 static
        address 20ac:4n8a::1/48
        netmask 48

up ip -6 route add 20ac:4n8a::/48 dev vmbr0

Now I have created a VM with the IP 175.15.250.35/24 + 20ac:4n8a::10/48

What is the actual problem I am facing right now?

I can ping both IPv4 and IPv6 servers from the host machine
Like: ping google.com and also Ping6 google.com


But when I to ping from the guest VM I found some issue
1. I can access the VM from SSH using IPv4
2. I can ping from the VM to google from IPv4 like ping google.com

But

1. I can't open the VM from SSH using [IPV6]
2. I can't ping to IPv6 server from the VM like ping6 google.com

I have enable IPv4 and IPv6 forward on /etc/sysctl.conf

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1

Host servers and IPs are perfectly fine (Confirmed by DC)

So is there something I missed on IPv6 config and that's why host node working but on VM IPv6 not working!!?

Is there anyone who faced this kind of issue and anyone who can help me to fix it?

Comments

  • lebuserlebuser Member

    @BingoBongo said:

       iface enp1s0f1 inet6 static
           address 20ac:4n8a::5
           netmask 128
           gateway 20ac:4n8a::1    
           up sysctl -p
    

    I hope the main IPv6 block /48 is routed to your server. otherwise it will be a pain to use addresses from that prefix on VMs. With a routed prefix it's a bit odd to use addresses from the prefix on the upstream interface. Usually you would use addresses from another prefix or link-local addresses.

      iface vmbr0 inet6 static
           address 20ac:4n8a::1/48
           netmask 48
    
           up ip -6 route add 20ac:4n8a::/48 dev vmbr0
    

    The address above is the same as gateway on enp1s0f1. That doesn't make sense since that would mean the server's default route points to itself.

    Also you shouldn't assign a /48 to an interface. It should be a /64. But you can also route a prefix to each VM, if they need more. You can also route for example a /50 to three different VMs and then use one (of 16384) /64s from the first /50 for vmbr0 itself.

    iface vmbr0 inet6 static
        address 20ac:4n8a:0:1::1/64
        netmask 64
    
        up ip -6 route add 20ac:4n8a:0:4000:/50 via 20ac:4n8a:0:1::1:1 dev vmbr0
        up ip -6 route add 20ac:4n8a:0:8000:/50 via 20ac:4n8a:0:1::1:2 dev vmbr0
        up ip -6 route add 20ac:4n8a:0:c000:/50 via 20ac:4n8a:0:1::1:3 dev vmbr0
    
  • BingoBongoBingoBongo Member
    edited May 2022

    @lebuser said:

    Thank you for your reply.

    I hope the main IPv6 block /48 is routed to your server. otherwise it will be a pain to use addresses from that prefix on VMs. With a routed prefix it's a bit odd to use addresses from the prefix on the upstream interface. Usually you would use addresses from another prefix or link-local addresses.

    Yes the IPv6 block /48 is absolutely fine and it's for my server. I already mentioned in the post and it's working fine on the host node.

    The address above is the same as gateway on enp1s0f1. That doesn't make sense since that would mean the server's default route points to itself.

    Also you shouldn't assign a /48 to an interface. It should be a /64. But you can also route a prefix to each VM, if they need more. You can also route for example a /50 to three different VMs and then use one (of 16384) /64s from the first /50 for vmbr0 itself.

    Well I know it's the gateway of the port. But I did the same thing for the IPv4

    175.15.250.1 is also the gateway of the IPv4 block as it's told by our DC

    I want to use both actual gateway as the VM's gateway

    So even I am using routed network, on gateway I want the default one because it will save to from wasting an IP (Which we have to use if we create a new gateway for VMs)

    Also note:

    I want to assign /48 to the server and will allot /64 each VM

    I am trying to do something like this

    https://community.hetzner.com/tutorials/install-and-configure-proxmox_ve

    But note: I am not using Hetzner or OVH server, So don't have their complex network and it should be easy to do that, But I think I missed something and that's why I am not getting access with IPv6 on VM but I can on Host node

  • @BingoBongo said:

    But note: I am not using Hetzner or OVH server, So don't have their complex network and it should be easy to do that, But I think I missed something and that's why I am not getting access with IPv6 on VM but I can on Host node

    It all looks like you blindly followed the tutorial. If you were on a truly routed network, it'd work according to Hetzner's tutorial (I did a setup according to their tutorial a while ago to setup a beta testing machine). It's more likely you have a linked IPv6 since the typical result for such is that only the host can ping outside. Of course your kernel could miss the forwarding module or whatever but I don't expect this because you can ping the host. Maybe you can share more information about your network manager (or hoster) because it appears to be an issue there (or maybe no real /48).

Sign In or Register to comment.