[Users] OpenVZ and IPv6
Kevin Holly [Fusl]
openvz at lists.dedilink.eu
Thu Jun 18 15:02:05 PDT 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
On 06/18/2015 11:13 PM, Todd Mueller wrote:
> [...]
I'm not entirely sure if you understand what he asks for.
When you do "vzctl set CTID --ipadd 2001:1234:1234:1234/64 --save", OpenVZ creates a route only for the network address (2001:1234:1234:1234::), but not for the entire /64 subnet which is unexpected behaviour already.
Inside the container, OpenVZ automatically adds the network address (2001:1234:1234:1234::) to venet0.
2001:1234:1234:1234:: is now reachable from the outside
If you add 2001:1234:1234:1234::1 as an address inside the container, it should send a NDP packet to update neighbours about the new IPv6 address (including the router) but what we see instead is 2001:1234:1234:1234::1 staying unreachable.
OpenVZ in this case treats the 2001:1234:1234:1234::/64 subnet as a single address (which is 2001:1234:1234:1234::) instead of the subnet we requested and throws away all subnet information.
How we expect it to work instead:
"vzctl set CTID --ipadd 2001:1234:1234:1234::/64 --save" should add an entire /64 route and allow the container to use the entire /64 subnet as outgoing IPv6 address
vzctl should not by default add an IPv6 address from this subnet OR add 2001:1234:1234:1234:: by default to the container.
Inside the container we should now be able to add 2001:1234:1234:1234::1 as another IPv6 address to venet0 and OpenVZ kernel/the hardware node should forward NDP packets for updating neighbours including routers with the new IPv6 address.
The addresses 2001:1234:1234:1234:: and 2001:1234:1234:1234::1 should now be reachable from outside.
I hope that I explained this enough in detail so everyone reading should get an idea of what we mean.
- --
Best regards
Kevin Holly - root at hallowe.lt - http://hallowe.lt/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJVgz/dAAoJELAaqP3QtzpMLlwH/2nYUll/ZwkkmQbYCZLRWAMZ
h90rdK8zh5MRKTSSlMMO6AEBc3yKiw2F5nSHpAIKS5GuvtRbKs7qkHDM3BruSvg6
W60D0tiYdIQLKFCEgldo5aPmGdJirGA/DV8nq1bEYlQX41nC9rsuvRUPbupIr24n
Y6YN2J34BIaTmkXrAj2kjL+O0h6AUlgTOyitohd8jzmc4aki7jn3rsuoDDC6yN38
mKBp1j992zJnWPHSekmyCYAJzGRlD0JAAamasFTxlkV/5Gd3vZoFIX6tkrj7Wfu2
/CGgGM9+3ubPdW9CJeBPSGO92VxAyomLf7Y68ezVO0zuK/FuqqMPwaADJ64eCLU=
=sbdL
-----END PGP SIGNATURE-----
More information about the Users
mailing list