New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
That looks like the wrong bridging, i.e. you bridged to vmbr0 or the wrong gateway. It is likely you paid more attention in the new server.
If you mean over IPv4, you can't, just create on other ports and use something to redirect, such as Cloudflare. On IPv6, no problems.
I have the same problem, I can ping to the IPv6 gateway on the host (xxxx:xxxx::1) from the VM. I can ping from the host to the VM (xxxx:xxxx:100). I can ping from host to google.con using ipv6. But the container can't ping to google.com using ipv6. I double checked ndppd config and running, the bridge on container, the ipv6 addresses and gateways. I have not clue what to do.
post configs here, I will take a look. Check if you enabled ipv6 forwarding first.
Thanks for this guide. I was able to finally get IPv6 finally properly up and running thanks to you.
I know this is mentioned in the troubleshooting. When IPv4 port 80/443 is forwarded to a VM, all containers are no longer able to browse. Connections to github, docker, etc. time out. Ping and nslookup both still work.
Unlike the troubleshooting, I wasn't able to get it consistently working after restarting the VM. I can curl google.com afterwards (sometimes), but curl to github.com and registry-1.docker.io both time out always, no matter how many times I restart the host or VM. At least my port 80/443 web servers are accessible.
I am using the proxmox 7 template from OVH and have already tried reinstalling proxmox 7 to get it working.
config (with anonymized IP):
This is a bit of a shot in the dark - I don't think anyone really knows what's causing this.
I'm happy just only using IPv6 at this point; since I finally managed to get that working thanks to you and I can just use IPv6 reverse proxy from Cloudflare. Alternatively, I can just defy best practice and setup the reverse proxy on the hypervisor itself.
I know what is causing it. The interface is not specified and the system gets confused.
Change this:
Into this:
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.3
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to-destination 10.0.0.3
And the subsequent post-down stanzas.
Sorry for being lazy, I will have to update the guide as many people have complex setups with multiple bridges etc. So far That issue only appeared for those but it looks like 2 bridges can also be enough to confuse the system.
Thanks, that worked, and definitely don't think you're lazy, you got me way further than I would've on my own and I'm very appreciative. I don't think anyone else came up with a viable tutorial on dealing with the quirks of Kimsufi's IPv6 routing.