Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


solusvm and IPv6, doing my head in.
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

solusvm and IPv6, doing my head in.

CloudxtnyHostCloudxtnyHost Member, Host Rep

Hello,

I am running a KVM host using solusvm and it has been setup to forward IPv6 packets but for some reason, the instances on it can't ping the IPv6 gateway even though the host can.

Anyone know how to solve this problem? it is just becoming a pain in the *********

Thanks

Comments

  • Have you got IPv6 and ARP stealing protection turned on? They're known to break v6 on KVM with SolusVM

  • LiteServerLiteServer Member, Patron Provider

    As CableChief mentioned; you have probably IPv6 and ARP stealing turned on. Disable it and it should work.
    IPv6 NDP and RA messages are otherwise being blocked.

  • check ip6tables, disable, see if it runs :)

  • justvmjustvm Member, Patron Provider

    Check if you have this line on /etc/sysctl.conf
    net.ipv6.conf.br0.forwarding = 1

  • MeanServersMeanServers Member, Host Rep

    @CableChief said:
    Have you got IPv6 and ARP stealing protection turned on? They're known to break v6 on KVM with SolusVM

    We have these enabled on all of our machines and it's working fine, I believe SolusVM fixed the problem a few releases ago but it is still worth trying.

    @httpzoom Have you done a traceroute6 from the VMs? What does your ifcfg-br0 file on the host look like? You may want to mask part of the IP addresses when providing that file.

  • @MeanServers Interesting, tried it on the release just before the current one and it just caused headaches. Will test when I get some new nodes set up but not going to bother fiddling around with the production systems :)

  • CloudxtnyHostCloudxtnyHost Member, Host Rep

    Thanks alot guys, how do I check if IPv6 and ARP stealing is on?

    @vpsrus, I have

    net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.forwarding = 1 net.ipv6.conf.all.proxy_ndp = 1

    that should be enough right? Here is my /etc/sysconfig/network-scripts/ifcfg-br0

    BOOTPROTO=static DEVICE=br0 ONBOOT=yes TYPE=Bridge IPV4INIT=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_FAILURE_FATAL=no IPV6_DEFAULTDEV=enp2s0f0.xxxx IPV6ADDR=2xxx:0xxx:xxxx::4 IPV6_DEFAULTGW=2xxx:0xxx:xxxx::1 IPADDR=xx.xx.xx.x PREFIX=24
    Strange thing is the host can ping the gateway but the instance can't

  • Go to SolusVM -> Nodes -> Click on the node you want -> Settings button and look for "IP Stealing & ARP Attack" untick both boxes

  • CloudxtnyHostCloudxtnyHost Member, Host Rep

    @CableChief just checked and it's not checked. looks like the problem has something to do with using centos7. I downgraded the vps to centos6 and ipv6 works fine.

    thanks guys

  • Cool cool, CentOS 7 with SolusVM is still experimental and not recommended imo.

  • CloudxtnyHostCloudxtnyHost Member, Host Rep

    yeah it's really strange. I have another instance that's running centos7 and it works fine.

  • MeanServersMeanServers Member, Host Rep

    Interesting to hear the discrepancies between one CentOS 7 host and another. Are you sure the settings are/were the same on both boxes? I noticed the IPV6ADDR filed didn't have the subnet, i.e. /64 at the end, is the other box like that as well or does it have the subnet at the end? Curious to see if that could be what makes the difference.

  • laticlatic Member, Host Rep
    edited June 2016

    @httpzoom, is this one of the servers I used to manage? If so give me a ping.

  • CloudxtnyHostCloudxtnyHost Member, Host Rep

    @latic. No it wasn't thanks though.

    Turns out it was Hetzner miss configuration. Lost the best part of 2 days :-(. All fixed now though.

    Thanks guys.

Sign In or Register to comment.