IPv6 and Xen on a Hetzner hosted system

Posted on July 13, 2010 | Leave a comment

Now that Hetzner is offering IPv6 natively we decided to enable it on our Xen virtualized systems. It seems that there is some confusion in the customer forum (link only available to Hetzner customers) as to how this can be achieved with the routed network Hetzner is using.

I will explain my solution to this, if you have input and/or improvements i would be glad to hear them. This approach is based on using proxy_ndp and can only route specific IPv6 addresses to a domU. We currently have no need for subnet routing and i did not look into that. Our setup is based on Ubuntu 8.04.3 LTS (Codename Hardy) and so is the configuration here and the patch.


First we add a IPv6 address to our physical interface in the dom0:

/etc/network/interfaces
iface eth0 inet6 static
 address 2a01:4f8:100:4463:1::1
 netmask 64
 up ip -6 route add 2a01:4f8:100:4460::1 dev eth0
 up ip -6 route add default via 2a01:4f8:100:4460::1


Enable routing and proxy_ndp on the interfaces:

/etc/sysctl.conf
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.all.proxy_ndp=1


Patch BenV’s vif-route script to enable the use of proxy_ndp:

/etc/xen/scripts/vif-route
--- vif-route.orig    2009-09-28 13:45:40.000000000 +0200
+++ vif-route 2010-07-08 22:36:32.000000000 +0200
@@ -55,6 +55,7 @@
         ifconfig ${vif} ${main_ip} netmask 255.255.255.255 up
        if [ ! -z "${main_ip6}" ]; then
                ip -6 addr add ${main_ip6} dev ${vif}
+               echo 1 >/proc/sys/net/ipv6/conf/${vif}/proxy_ndp
        fi
         echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp
         ipcmd='add'
@@ -80,6 +81,10 @@
                log info "[vif-route] Adding IPv6 address ${addr} with src ${main_ip6} for $vif."
              result=`${cmdprefix} ip -6 route ${ipcmd} ${addr} dev ${vif} src ${main_ip6} 2>&1`
                log info "[vif-route] Result: ${result}"
+
+               log info "[vif-route] Adding IPv6 proxy ${addr} on ${netdev:-eth0}."
+             result=`${cmdprefix} ip -6 neighbor ${ipcmd} proxy ${addr} dev ${netdev:-eth0} 2>&1`
+               log info "[vif-route] Result: ${result}"
        fi
     done
 fi

You can download the original or the patched version here too in case the link above doesn’t work for you.


Now to give a domU a specific IPv6 address you’ll have to adjust the vif statement of that guest configuration:

/etc/xen/<domu>.cfg
vif = [ 'ip=188.40.226.34 2a01:4f8:100:4463:2::1,mac=00:16:3E:EB:42:59' ]


Inside that domU you’ll need to configure this:

/etc/network/interfaces
iface eth0 inet6 static
 address 2a01:4f8:100:4463:2::1
 netmask 64
 gateway 2a01:4f8:100:4463:1::1
This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s