Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


IPv6 working on the node but not working inside OpenVZ container
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

IPv6 working on the node but not working inside OpenVZ container

hellb0yhellb0y Member

I can ping outside world from the node but i can not ping it from the container. I have Centos 6.6 installed on the node. Any idea what i`m doing wrong ?

NODE:

ping6 google.com
PING google.com(par10s22-in-x0e.1e100.net) 56 data bytes
64 bytes from par10s22-in-x0e.1e100.net: icmp_seq=1 ttl=57 time=4.46 ms
64 bytes from par10s22-in-x0e.1e100.net: icmp_seq=2 ttl=57 time=4.54 ms

CONTAINER:

root@server1:/# ping6 google.com
PING google.com(par10s10-in-x05.1e100.net) 56 data bytes

my sysctl.conf

net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.proxy_ndp = 1
net.ipv6.conf.all.proxy_ndp = 1
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

ip -6 neigh
2001:41d0:c:7ff:ff:ff:ff:ff dev eth0 lladdr 00:05:73:a0:00:00 router STALE

Thank you.

Thanked by 1Droid

Comments

  • Can you ping with IPv6 from the container to the node?

  • Add the following to nano /etc/sysconfig/network
    NETWORKING_IPV6=yes
    IPV6FORWARDING=yes
    IPV6_DEFAULTDEV=eth0
    IPV6_DEFAULTGW=1234:1234:1234::1
    IPV6_AUTOCONF=no
    
    add the following to nano /etc/sysconfig/network-scripts/ifcfg-eth0
    IPV6INIT=yes
    IPV6ADDR=1234:1234:1234::2
    
    Replace the information below into nano /etc/sysctl.conf
    net.ipv4.ip_forward = 1
    net.ipv4.ip_forward = 1
    net.ipv6.conf.default.forwarding = 1
    net.ipv6.conf.all.forwarding = 1
    net.ipv4.conf.default.proxy_arp = 0
    net.ipv4.conf.all.rp_filter = 1
    kernel.sysrq = 1
    net.ipv4.conf.default.send_redirects = 1
    net.ipv4.conf.all.send_redirects = 0
    net.ipv6.conf.default.forwarding = 1
    net.ipv6.conf.all.forwarding = 1
    net.ipv6.conf.all.proxy_ndp = 1
    
    To test the configuration to date, do the following.
    sysctl -p
    service network restart
    ping6 -4 google.com
    
  • hellb0yhellb0y Member

    @TinyTunnel_Tom said:

    Add the following to nano /etc/sysconfig/network
    NETWORKING_IPV6=yes
    IPV6FORWARDING=yes
    IPV6_DEFAULTDEV=eth0
    IPV6_DEFAULTGW=1234:1234:1234::1
    IPV6_AUTOCONF=no
    
    add the following to nano /etc/sysconfig/network-scripts/ifcfg-eth0
    IPV6INIT=yes
    IPV6ADDR=1234:1234:1234::2
    
    Replace the information below into nano /etc/sysctl.conf
    net.ipv4.ip_forward = 1
    net.ipv4.ip_forward = 1
    net.ipv6.conf.default.forwarding = 1
    net.ipv6.conf.all.forwarding = 1
    net.ipv4.conf.default.proxy_arp = 0
    net.ipv4.conf.all.rp_filter = 1
    kernel.sysrq = 1
    net.ipv4.conf.default.send_redirects = 1
    net.ipv4.conf.all.send_redirects = 0
    net.ipv6.conf.default.forwarding = 1
    net.ipv6.conf.all.forwarding = 1
    net.ipv6.conf.all.proxy_ndp = 1
    
    To test the configuration to date, do the following.
    sysctl -p
    service network restart
    ping6 -4 google.com
    

    I did modify as u said
    Please see below

    CONTAINER

    root@server1:/# ping6 google.com
    PING google.com(par10s10-in-x05.1e100.net) 56 data bytes
    From par10s10-in-x05.1e100.net icmp_seq=2 Destination unreachable: Address unreachable
    From par10s10-in-x05.1e100.net icmp_seq=3 Destination unreachable: Address unreachable
    From par10s10-in-x05.1e100.net icmp_seq=4 Destination unreachable: Address unreachable

    NODE

    -(~:#)-> ping6 google.com
    PING google.com(par10s22-in-x0e.1e100.net) 56 data bytes
    From 2001:41d0:c:74b::2 icmp_seq=2 Destination unreachable: Address unreachable
    From 2001:41d0:c:74b::2 icmp_seq=3 Destination unreachable: Address unreachable
    From 2001:41d0:c:74b::2 icmp_seq=4 Destination unreachable: Address unreachable

  • I presume we are in OVH by that address.

    Special rules need to be added the GW is diff

  • is this OVH node?

  • @century1stop said:
    is this OVH node?

    IPv6 appears OVH

  • hellb0yhellb0y Member

    Yes is OVH

  • hellb0yhellb0y Member

    @MarkTurner said:
    Can you ping with IPv6 from the container to the node?

    Yes i can ping from container to the node but not outside node.

  • Have you configured nameservers within resolv.conf ?

  • Awmusic12635Awmusic12635 Member, Host Rep

    What is the OS inside of the container? I know Centos by default has some weird default firewall rules. Try clearing the ipv6 iptables.

  • century1stopcentury1stop Member
    edited May 2015

    @TinyTunnel_Tom thanks for the confirmtion

    @hellb0y
    It's a configuration error, you need to go through this document

    http://help.ovh.com/Ipv4Ipv6

    follow exactly, and you should be alright. Don't forget to setup route6 and disable IPv6 iptables for your test

  • hellb0yhellb0y Member

    @AlphaNinevps_com said:
    Have you configured nameservers within resolv.conf ?

    Yes, ipv4 works perfect.

  • hellb0yhellb0y Member

    @Awmusic12635 said:
    What is the OS inside of the container? I know Centos by default has some weird default firewall rules. Try clearing the ipv6 iptables.

    I tried on Ubuntu and Centos with ipv6 rules on and off.

  • hellb0yhellb0y Member

    @century1stop said:
    TinyTunnel_Tom thanks for the confirmtion

    hellb0y
    It's a configuration error, you need to go through this document

    http://help.ovh.com/Ipv4Ipv6

    follow exactly, and you should be alright. Don't forget to setup route6 and disable IPv6 iptables for your test

    Route6 has to be set up inside container ?

  • @hellb0y nope on the node

  • hellb0yhellb0y Member

    @century1stop said:
    hellb0y nope on the node

    I have it on the node , everything works proper on the node , just container is acting like there is no gw for that assigned ipv6.

  • @hellb0y ip6tables off?

  • hellb0yhellb0y Member
    edited May 2015

    @century1stop said:
    hellb0y ip6tables off?

    service ip6tables status
    Table: filter
    Chain INPUT (policy ACCEPT)
    num target prot opt source destination

    Chain FORWARD (policy ACCEPT)
    num target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    num target prot opt source destination

    ping6 -c 4 google.com
    PING google.com(par10s09-in-x02.1e100.net) 56 data bytes

    --- google.com ping statistics ---
    4 packets transmitted, 0 received, 100% packet loss, time 3009ms

  • @hellb0y have you configured per link sent? It's kinda tricky, you need to setup accordingly.

    It'll be better for you to redo the setup with ref. to the document.

  • hellb0yhellb0y Member

    @century1stop said:
    hellb0y have you configured per link sent? It's kinda tricky, you need to setup accordingly.

    It'll be better for you to redo the setup with ref. to the document.

    Can you provide any link to the setup guide per link set ?

  • century1stopcentury1stop Member
    edited May 2015

    @century1stop said:
    @hellb0y
    It's a configuration error, you need to go through this document

    http://help.ovh.com/Ipv4Ipv6 <-------------

    follow exactly, and you should be alright. Don't forget to setup route6 and disable IPv6 iptables for your test

    dis no do?

    is ip6tables off for vm?

  • hellb0yhellb0y Member

    As i said is set up as per ovh instructions, ip6tables switched off and still cant ping outside world from container. It works only on the node

  • century1stopcentury1stop Member
    edited May 2015

    @hellb0y what's the info you get for node and vm ifconfig -a?

    have you restarted networking for the node/vm?

  • hellb0yhellb0y Member

    VM:

    root@server1:/# ifconfig -a
    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:65536 Metric:1
    RX packets:338 errors:0 dropped:0 overruns:0 frame:0
    TX packets:338 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:30936 (30.9 KB) TX bytes:30936 (30.9 KB)

    venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
    inet addr:127.0.0.2 P-t-P:127.0.0.2 Bcast:0.0.0.0 Mask:255.255.255.255
    inet6 addr: 2001:41d0:c000:74b0::7/128 Scope:Global
    UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
    RX packets:8062 errors:0 dropped:0 overruns:0 frame:0
    TX packets:15108 errors:0 dropped:4 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:1205655 (1.2 MB) TX bytes:1600934 (1.6 MB)

    venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
    inet addr:151.80.66.81 P-t-P:151.80.66.81 Bcast:151.80.66.81 Mask:255.255.255.255
    UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1

    NODE:

    eth0 Link encap:Ethernet HWaddr 0C:C4:7A:45:0D:A4
    inet addr:37.187.255.75 Bcast:37.187.255.255 Mask:255.255.255.0
    inet6 addr: 2001:41d0:c:74b::5/64 Scope:Global
    inet6 addr: fe80::ec4:7aff:fe45:da4/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:1363012639 errors:0 dropped:0 overruns:6431456 frame:0
    TX packets:917129911 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:267810020042 (249.4 GiB) TX bytes:72090779279 (67.1 GiB)
    Memory:fb920000-fb93ffff

    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:65536 Metric:1
    RX packets:4144265 errors:0 dropped:0 overruns:0 frame:0
    TX packets:4144265 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:1261892564 (1.1 GiB) TX bytes:1261892564 (1.1 GiB)

    venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
    inet6 addr: fe80::1/128 Scope:Link
    UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
    RX packets:47594550 errors:0 dropped:0 overruns:0 frame:0
    TX packets:93852871 errors:0 dropped:292 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:6807117605 (6.3 GiB) TX bytes:41953283051 (39.0 GiB)

  • century1stopcentury1stop Member
    edited May 2015

    @hellb0y looks okay from here.
    this is mine

    [root@hyde ~]# ifconfig -a
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:65536  Metric:1
              RX packets:16 errors:0 dropped:0 overruns:0 frame:0
              TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:1666 (1.6 KiB)  TX bytes:1666 (1.6 KiB)
    
    venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr:127.0.0.1  P-t-P:127.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.255
              inet6 addr: 2607:5300:60:3730::c9b5:6e6b/128 Scope:Global
              UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
              RX packets:1417906 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1585298 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:302719765 (288.6 MiB)  TX bytes:245198867 (233.8 MiB)
    
    venet0:0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr:167.114xxx.xxx  P-t-P:167.114.xxx.xxx  Bcast:167.114.xxx.xxx  Mask:255.255.255.255
              UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
    
    [root@hyde ~]# ping6 -c 4 google.com
    PING google.com(lga15s45-in-x05.1e100.net) 56 data bytes
    64 bytes from lga15s45-in-x05.1e100.net: icmp_seq=1 ttl=55 time=24.2 ms
    64 bytes from lga15s45-in-x05.1e100.net: icmp_seq=2 ttl=55 time=24.1 ms
    64 bytes from lga15s45-in-x05.1e100.net: icmp_seq=3 ttl=55 time=24.2 ms
    64 bytes from lga15s45-in-x05.1e100.net: icmp_seq=4 ttl=55 time=24.2 ms
    
    --- google.com ping statistics ---
    4 packets transmitted, 4 received, 0% packet loss, time 3028ms
    rtt min/avg/max/mdev = 24.176/24.202/24.219/0.156 ms
    [root@hyde ~]#
    

    did the thought of hiring a server administrator cross your mind yet?

  • hellb0yhellb0y Member

    This has been solved, Virtualizor added automatically wrong ipv6 subnet.

    Tahnk you.

Sign In or Register to comment.