IPV6 not working inside lxc

Aug 6, 2018
21
2
8
30
Hi,
Proxmox info :
Kernel Version

Linux 4.15.18-10-pve #1 SMP PVE 4.15.18-32 (Sat, 19 Jan 2019 10:09:37 +0100)
PVE Manager Version

pve-manager/5.3-9/ba817b29


When i configure

Config.png

On my server i did not have inet6 ip .

I have to do manualy
On debian 9
ip -6 addr add 2001:4XX:XXXX:20c6:0:0:0:10/64 dev eth1
ip route add 2001:4XX:XXX:20ff:ff:ff:ff:ff dev eth1

I can ping my vmbr0 but i can't ping the ipv6 gateway.
did i have to enable ipv6 foward ?

Best regards
 

Attachments

  • Config.png
    Config.png
    24.5 KB · Views: 56
hm - the gateway does not seem to be in the same subnet as the address you gave the container:
unless you want to configure this via point-to-point - the gateway needs to start with 2001:4XX:XXXX:20c6::
I hope this helps!
 
@Stoiko Ivanov Thx for you reply.
yes of course my provider gave me a bad network
I used 2001:4XX:XXXX:20ff: as network and it's work well..
But
inside my interfaces config



iface eth1 inet6 static
address 2001:41XX:XXX:20ff:XXX:XXX:XXX:XXX
netmask 64
gateway 2001:4XXX:XXX:20ff:ff:ff:ff:ff


but the network is not up when the container boot
 
What do you mean by the network is not up when the container boots?
* please post the output of
** `ip link`
** `ip addr`
** `ip -6 route`

inside the container when it boots
what kind of container is it? (Distribution)
please also post the relevant network configuration (e.g. for debian based systems: /etc/network/interfaces)

can you ping the PVE-node?
 
iface eth1 inet6 static
address 2001:XXX:XXX:20ff:0:0:0:11
netmask 64
gateway 2001:XXX:XXX:20ff:ff:ff:ff:ff



ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
228: eth0@if229: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether de:10:c6:1d:5d:39 brd ff:ff:ff:ff:ff:ff link-netnsid 0
230: eth1@if231: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 00:50:56:0a:8e:6e brd ff:ff:ff:ff:ff:ff link-netnsid 0


ip addr
230: eth1@if231: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:50:56:0a:8e:6e brd ff:ff:ff:ff:ff:ff link-netnsid 0
HIDDEN scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe0a:8e6e/64 scope link
valid_lft forever preferred_lft forever

fe80::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth1 proto kernel metric 256 pref medium


I'm on debian9
The proxmox node did not reply because the ipv6 is not set
 
if possible please post output and file content in code-tags - makes it much easier to read...

the part of the /etc/network/interfaces could show that it's missing the:
Code:
auto eth1

* does it work if you run `ifup eth1` in the container?
* do you see anything relevant in `journalctl -b` inside the container?
 
if possible please post output and file content in code-tags - makes it much easier to read...

the part of the /etc/network/interfaces could show that it's missing the:
Code:
auto eth1

* does it work if you run `ifup eth1` in the container?
* do you see anything relevant in `journalctl -b` inside the container?
Code:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address 10.0.0.91
        netmask 255.255.0.0

auto eth1
....

iface eth1 inet6 static
address 2001:XXX:XXX:20ff:0:0:0:11
   netmask 64
   gateway 2001:XXX:XXX:20ff:ff:ff:ff:ff

ifup eth1
Code:
ifup eth1
RTNETLINK answers: File exists
ifup: failed to bring up eth1


journalctl - b
Code:
sept. 13 18:57:58 stun systemd[1]: Reached target Sockets.
sept. 13 18:57:58 stun systemd[1]: Reached target Basic System.
sept. 13 18:57:58 stun systemd[1]: cron.service: Failed to reset devices.list: Operation not permitted
sept. 13 18:57:58 stun systemd[1]: Started Regular background program processing daemon.
sept. 13 18:57:58 stun systemd[1]: authprotect.service: Failed to reset devices.list: Operation not permitted
sept. 13 18:57:58 stun systemd[1]: Starting LSB: authprotect initscript...
sept. 13 18:57:58 stun systemd[1]: Started Daily Cleanup of Temporary Directories.
sept. 13 18:57:58 stun systemd[1]: dbus.service: Failed to reset devices.list: Operation not permitted
sept. 13 18:57:58 stun systemd[1]: Started D-Bus System Message Bus.
sept. 13 18:57:58 stun cron[59]: (CRON) INFO (pidfile fd = 3)
sept. 13 18:57:58 stun cron[59]: (CRON) INFO (Running @reboot jobs)
 
The log looks a bit truncated? (no mention of any network-service start at all)

If possible enter the container via `pct enter` and run
ifdown eth1 ; ifup eth1 (and post the output as well as the journal for that time)
 
Hi
Code:
ifdown eth1 ; ifup eth1
ifdown: interface eth1 not configured
RTNETLINK answers: File exists
ifup: failed to bring up eth1

There is no syslog output when i do this command
Best regards
 
tried reproducing it here locally - and the ipv6 static configuration works here

please post the container config : `pct config $vmid`
please post the complete boot-log of the container: `journalctl -b`

RTNETLINK answers: File exists
this would indicate that some other interface already has set the ipv6 default route (which does not match your `ip -6 route` output)
 
Hi there
Thx for reply
journalctl -b
Code:
-- Logs begin at Wed 2019-09-18 00:07:36 CEST, end at Wed 2019-09-18 00:07:42 CEST. --
sept. 18 00:07:36 stun systemd-journald[41]: Journal started
sept. 18 00:07:36 stun systemd-journald[41]: Runtime journal (/run/log/journal/cc11114e1c21463ba2abebabf9b85d0e) is 8.0M, max 784.6M, 776.6M free.
sept. 18 00:07:36 stun systemd[1]: systemd-journal-flush.service: Failed to reset devices.list: Operation not permitted
sept. 18 00:07:36 stun systemd[1]: Starting Flush Journal to Persistent Storage...
sept. 18 00:07:36 stun systemd[1]: Mounted POSIX Message Queue File System.
sept. 18 00:07:36 stun systemd[1]: Mounted Huge Pages File System.
sept. 18 00:07:36 stun systemd-journald[41]: Runtime journal (/run/log/journal/cc11114e1c21463ba2abebabf9b85d0e) is 8.0M, max 784.6M, 776.6M free.
sept. 18 00:07:36 stun systemd[1]: Started Flush Journal to Persistent Storage.
sept. 18 00:07:36 stun systemd[1]: systemd-tmpfiles-setup.service: Failed to reset devices.list: Operation not permitted
sept. 18 00:07:36 stun systemd[1]: Starting Create Volatile Files and Directories...
sept. 18 00:07:36 stun systemd[1]: systemd-journal-flush.service: Failed to reset devices.list: Operation not permitted
sept. 18 00:07:36 stun ifup[46]: /etc/network/if-up.d/sendmail: 44: .: Can't open /usr/share/sendmail/dynamic
sept. 18 00:07:36 stun ifup[46]: run-parts: /etc/network/if-up.d/sendmail exited with return code 2
sept. 18 00:07:36 stun ifup[46]: ifup: failed to bring up lo
sept. 18 00:07:36 stun systemd[1]: Started Create Volatile Files and Directories.
sept. 18 00:07:36 stun systemd[1]: Reached target System Time Synchronized.


pct config

Code:
arch: amd64
cores: 1
hostname: stun.XXXX
memory: 4096
mp1: /mnt/pve/nfs-share/scripts/,mp=/mnt/scripts/
nameserver: 10.0.0.60 10.0.0.61 8.8.8.8
net0: name=eth0,bridge=vmbr1,hwaddr=DE:10:C6:1D:5D:39,ip=10.0.0.91/16,type=veth
net1: name=eth1,bridge=vmbr0,gw=XXXXX,gw6=2001:XXXX:XXXX:20ff:ff:ff:ff:ff,hwaddr=00:50:56:0a:8e:6e,ip=XXXXXXXX/32,ip6=2001:XXXX:XXXX:20ff:0:0:0:11/64,type=veth
onboot: 1
ostype: debian
rootfs: local:191/vm-191-disk-0.raw,size=25G
searchdomain: open-dsi.lan
swap: 0

I will try with debian9 fresh install

Update
This is working on fresh container.
 
Last edited:
Ok the ipv6 config look like solved..
I have another question what do you think about

Code:
ifconfig

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 2001:XXXX:XXXX:20c6:ff:ff:ff:22  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::c4f:eeff:fec1:cc  prefixlen 64  scopeid 0x20<link>
        ether 0e:4f:ee:c1:00:cc  txqueuelen 1000  (Ethernet)
        RX packets 4188  bytes 2057982 (1.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 637  bytes 53598 (52.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



route -n -6


Destination                    Next Hop                   Flag Met Ref Use If
2001:XXXX:XXXX:20c6::/64        ::                         U    256 1     0 eth1
2001:XXXX:XXXX:20ff:ff:ff:ff:ff/128 ::                         U    1024 2     8 eth1
fe80::/64                      ::                         U    256 2     2 eth0
fe80::/64                      ::                         U    256 2     2 eth1
::/0                           2001:XXXX:XXXX:20ff:ff:ff:ff:ff UG   1024 2    20 eth1
::1/128                        ::                         Un   0   3     6 lo
2001:XXXX:XXXX:20c6:ff:ff:ff:22/128 ::                         Un   0   3     9 eth1
fe80::c4f:eeff:fec1:cc/128     ::                         Un   0   4   238 eth1
fe80::488e:95ff:fefe:188/128   ::                         Un   0   3   443 eth0
ff00::/8                       ::                         U    256 5    42 eth0
ff00::/8                       ::                         U    256 3   127 eth1
::/0                           ::                         !n   -1  1     1 lo

traceroute6 google.fr
traceroute to google.fr (2a00:1450:4007:812::2003), 30 hops max, 80 byte packets
1  2001:XXXX:XXXX:20ff:ff:ff:ff:fd (2001:XXXX:XXX:20ff:ff:ff:ff:fd)  1.193 ms  1.406 ms  1.661 ms
2  * * *
3  * * *
4  * * *
5  * * *
6  * * *
7  * * *
8  * * *
9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *

I'm using ff:ff as gateway but the first is ff:fd ?
ff:fd look like to block my trafic?
do you agree ?
 
Glad your issue is resolved - I believe it's due to sendmail being installed on the initial container -
sept. 18 00:07:36 stun systemd[1]: systemd-journal-flush.service: Failed to reset devices.list: Operation not permitted
sept. 18 00:07:36 stun ifup[46]: /etc/network/if-up.d/sendmail: 44: .: Can't open /usr/share/sendmail/dynamic
sept. 18 00:07:36 stun ifup[46]: run-parts: /etc/network/if-up.d/sendmail exited with return code 2

As for the traceroute - this is something which can be quite tricky - it just says that it got an answer from 2001:XXXX:XXXX:20ff:ff:ff:ff:fd but nothing afterwards answers. (e.g. the packet could be sent to the destination and the reply is dropped on the way back one hop before 2001:XXXX:XXXX:20ff:ff:ff:ff:fd )

You can try using UDP/TCP/ICMP probes - or `mtr` - usually this gives a more complete picture

I hope this helps!
 
Can you explain me what do you mean or what is the command
TCP/UDP/ICMP can be done with `traceroute6` (check the man-page `man traceroute6`)
`mtr` needs to be installed (`apt install mtr-tiny` - `man mtr`)

I hope this helps!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!