[Users] OpenVZ and IPv6

Kevin Holly [Fusl] openvz at lists.dedilink.eu
Thu Jun 18 15:02:05 PDT 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

On 06/18/2015 11:13 PM, Todd Mueller wrote:
> [...]

I'm not entirely sure if you understand what he asks for.

When you do "vzctl set CTID --ipadd 2001:1234:1234:1234/64 --save", OpenVZ creates a route only for the network address (2001:1234:1234:1234::), but not for the entire /64 subnet which is unexpected behaviour already.

Inside the container, OpenVZ automatically adds the network address (2001:1234:1234:1234::) to venet0.

2001:1234:1234:1234:: is now reachable from the outside

If you add 2001:1234:1234:1234::1 as an address inside the container, it should send a NDP packet to update neighbours about the new IPv6 address (including the router) but what we see instead is 2001:1234:1234:1234::1 staying unreachable.

OpenVZ in this case treats the 2001:1234:1234:1234::/64 subnet as a single address (which is 2001:1234:1234:1234::) instead of the subnet we requested and throws away all subnet information.


How we expect it to work instead:

"vzctl set CTID --ipadd 2001:1234:1234:1234::/64 --save" should add an entire /64 route and allow the container to use the entire /64 subnet as outgoing IPv6 address

vzctl should not by default add an IPv6 address from this subnet OR add 2001:1234:1234:1234:: by default to the container.

Inside the container we should now be able to add 2001:1234:1234:1234::1 as another IPv6 address to venet0 and OpenVZ kernel/the hardware node should forward NDP packets for updating neighbours including routers with the new IPv6 address.

The addresses 2001:1234:1234:1234:: and 2001:1234:1234:1234::1 should now be reachable from outside.


I hope that I explained this enough in detail so everyone reading should get an idea of what we mean.

- -- 
Best regards

Kevin Holly - root at hallowe.lt - http://hallowe.lt/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJVgz/dAAoJELAaqP3QtzpMLlwH/2nYUll/ZwkkmQbYCZLRWAMZ
h90rdK8zh5MRKTSSlMMO6AEBc3yKiw2F5nSHpAIKS5GuvtRbKs7qkHDM3BruSvg6
W60D0tiYdIQLKFCEgldo5aPmGdJirGA/DV8nq1bEYlQX41nC9rsuvRUPbupIr24n
Y6YN2J34BIaTmkXrAj2kjL+O0h6AUlgTOyitohd8jzmc4aki7jn3rsuoDDC6yN38
mKBp1j992zJnWPHSekmyCYAJzGRlD0JAAamasFTxlkV/5Gd3vZoFIX6tkrj7Wfu2
/CGgGM9+3ubPdW9CJeBPSGO92VxAyomLf7Y68ezVO0zuK/FuqqMPwaADJ64eCLU=
=sbdL
-----END PGP SIGNATURE-----

More information about the Users mailing list