secondary IPV6 address add gateway and interface problem in VPS ON / openNebula.
After several manual attempts directly in the shell on the vps I decided to ask for support via email. A nice and friendly technician gave me the following link https://kb.wedos.com/cs/vps-on/vps-on-pridani-ipv6-adresy/#pridani-druhe-ipv6-adresy
i followed the guide and i finally managed to add additional ipv6 to the ::/56 subnet assigned in the opennebula panel. As you can see from the following images I have attached and added a total of 5 ipv6.
After updating the changes and restarting the server, the situation is as follows. Given that it is absurd from my point of view that openNebula raises 5 interfaces eth1 for ::1, eth2 for ::2, eth3 ::3 .. in the config and assigning a single ipv6 address for each interface being precisely from the same subnet and not there is an attempt to delegate to a user outside the network. Having said that, I rebooted the server and was expecting that /etc/network/interfaces had already taken the configuration but to my surprise it didn’t.
So I tried to add static addresses at startup without specifying the gateway for all addresses but only for the starting ::1 (see example). Result ::1 responds to pings and all others ::2 ::3 ::4 ::5 do not respond. I then tried to add the gateway for each ip with the result that ::5 replied and ::4 ::3 ::2 ::1 no longer replied.
1) vim /etc/network/interfaces
auto eth1 iface eth1 inet6 static address 2a02:x:x:x::1 netmask 56 autoconf 0 accept_ra 0 gateway 2a02:x:x:x::1 # opennebula specified in the panel auto eth2 iface eth2 inet6 static address 2a02:x:x:x::2 netmask 56 # gateway 2a02:x:x:x::1 (test add ipv6 without gateway) ... continue up to 5
At this point I went to add by hand following information from the main opennebula panel and then to check the routes on the vps and I realized that the situation is the following.
~$ ip -6 r s 2a02:x:x:x::/56 dev eth1 proto kernel metric 256 pref medium 2a02:x:x:x::/56 dev eth2 proto kernel metric 256 pref medium fe80::/64 dev eth0 proto kernel metric 256 pref medium fe80::/64 dev eth1 proto kernel metric 256 pref medium fe80::/64 dev eth2 proto kernel metric 256 pref medium default via 2a02:x:x:x::1 dev eth1 metric 1024 onlink pref medium ~$ route -6 Kernel IPv6 routing table Destination Next Hop Flag Met Ref Use If 2a02:x:x:x::/56 [::] U 256 2 0 eth1 2a02:x:x:x::/56 [::] U 256 1 0 eth2 fe80::/64 [::] U 256 2 0 eth0 fe80::/64 [::] U 256 2 0 eth1 fe80::/64 [::] U 256 1 0 eth2 [::]/0 2a02:2b88:2:500::1 UGH 1024 2 0 eth1 ip6-localhost/128 [::] Un 0 4 0 lo address/128 [::] Un 0 4 0 eth1 2a02:x:x:x::2/128 [::] Un 0 2 0 eth2 fe80::59ff:fedd:d89e/128 [::] Un 0 4 0 eth0 fe80::e8ff:fe41:9a4/128 [::] Un 0 4 0 eth1 fe80::e8ff:fe41:9a5/128 [::] Un 0 2 0 eth2 ff00::/8 [::] U 256 3 0 eth0 ff00::/8 [::] U 256 2 0 eth1 ff00::/8 [::] U 256 2 0 eth2 [::]/0 [::] !n -1 1 0 lo
I realized then and I tried add manually add the gateway for eth2, eth3 … obviously with result:
~$ sudo ip -6 r a default via 2a02:x:x:x::1 dev eth2 RTNETLINK answers: File exists
at this point I wonder how it is right to do. Theoretically I should remove the gateway which is only assigned to eth1 and globally assign it to everything. Correct?
~$ sudo ip -6 r d default via 2a02:x:x:x::1 dev eth1
and add new global gateway without dev
~$ sudo ip -6 r a default via 2a02:x:x:x::1
I have a feeling it won’t work. Did you have the same problem? do you have any ideas about it?
Thanks for your help.
For the record, I sorted it out, dusting off my old routing notes.
I keep thinking and arguing that the address management of an ipv6 subnet as it is now handled by your opennebula system is not correct and wedos admin would have the duty to correct this behavior by reporting directly to opennebula project via github.
I am referring to the latest RFC articles on ipv6 routing of a subnet. At present with leases he creates an eth * interface for each single ipv6 address to which he obviously associates a different mac address which is unnecessary when you are in the same network without external delegation. Usually the most obvious would be to have an example class 2001:a:b:c::/56 on eth*. To add other addresses, a simple ip -6 a a 2001:a:b:c::2 dev eth* is sufficient! it is even superfluous to indicate the type of address ::/64 ::/80 ::/128.
Having said that I describe without going into detail the solution for those who have the same problem. You have to act with iproute2 and create the default routes on single tables. In order:
1) edit /etc/iproute2/rt_table
2) raise the network interfaces related to the additional ipv6
3) add the ipv6 delegate for each interface
4) set the default route for each interface referred to the previously created table.
5) set rule add from :: yourIPV6 table $YourNameTable
Solution two “TO TEST”: opennebula has the option to attach nic as an alias theoretically this should give the possibility to raise the ipv6 starting from eth1 on eth1:1 eth1:2 and so on thus exploiting the same general gateway of eth1 for all aliases. For obvious reasons I have not tried. As for me, the discussion can be closed here. Best Regards.
I apologize if I write below but I have not found a way to edit the previous post.
I add as information. I tried manually to add address and the gateway route for interface eth2 with ipv6 2a02:x:x:x::2
~$ sudo ifconfig eth2 up #mount interface
~$ sudo ip -6 a a 2a02:x:x:x::2/56 dev eth2 #add my secondary ipv6 address to eth2
~$ sudo route -A inet6 add default gw 2a02:x:x:x::1 dev eth2 metric 1024 #add default gateway to eth2
~$ sudo ip -6 r s
2a02:x:x:x::/56 dev eth1 proto kernel metric 256 pref medium #my subnet address ::1
2a02:x:x:x::/56 dev eth2 proto kernel metric 256 pref medium #my subnet address ::2
fe80::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth1 proto kernel metric 256 pref medium
fe80::/64 dev eth2 proto kernel metric 256 pref medium
default metric 1024 pref medium
nexthop via 2a02:x:x:x::1 dev eth1 weight 1 onlink #default gw for my subnet
nexthop via 2a02:x:x:x::1 dev eth2 weight 1 #default gw for my subnet
Same result obtained previously. Adding the gateway also on eth2 this works and responds to the ping, but eth1 with its address :: 1 stops working.
Anyone who has had the need to raise additional secondary ipv6 address on vps or dedicated?
Is there perhaps the possibility of setting from the opennebula panel so that the secondary addresses are always associated with eth1?
Forum admin question: I noticed and read that the questions asked here are not automatically switched to the * .cz help profile. Can I link this thread to help.wedos.cz as well?