[PVE-User] PX4 and IPv6
Guillaume
proxmox at shadowprojects.org
Wed Aug 17 17:20:09 CEST 2016
Hello,
I have an issue with ipv6.
My host and my lxc container all have an ipv6 address and are able to
ping worldwide ipv6 addresses (e.g. ping6 ipv6.google.com works).
My host can ping my containers ipv6 address.
I can't ping my ipv6 addresses from the outside, except for the host
ipv6 address.
Here's my firewall configuration :
* cluster.fw
[OPTIONS]
enable: 1
[RULES]
IN Ping(ACCEPT)
IN NeighborDiscovery(ACCEPT)
[group web]
IN HTTPS(ACCEPT)
IN HTTP(ACCEPT)
* 102.fw
[OPTIONS]
enable: 1
[RULES]
IN Ping(ACCEPT)
IN NeighborDiscovery(ACCEPT)
GROUP web
# sysctl -p
net.ipv6.conf.eth0.disable_ipv6 = 0
net.ipv6.conf.eth1.disable_ipv6 = 0
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.all.autoconf = 0
net.ipv6.conf.default.autoconf = 0
net.ipv6.conf.vmbr0.autoconf = 0
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.default.accept_ra = 0
net.ipv6.conf.vmbr0.accept_ra = 0
net.ipv6.conf.vmbr0.accept_ra = 0
net.ipv6.conf.vmbr0.autoconf = 0
fs.inotify.max_user_instances = 1024
* Host ipv6 interface :
iface vmbr0 inet6 static
address 2001:41d0:1007:1c79::
netmask 64
post-up /sbin/ip -f inet6 route add
2001:41d0:1007:1cff:ff:ff:ff:ff dev vmbr0
post-up /sbin/ip -f inet6 route add default via
2001:41d0:1007:1cff:ff:ff:ff:ff
pre-down /sbin/ip -f inet6 route del default via
2001:41d0:1007:1cff:ff:ff:ff:ff
pre-down /sbin/ip -f inet6 route del
2001:41d0:1007:1cff:ff:ff:ff:ff dev vmbr0
* Container ipv6 interface :
iface eth0 inet6 static
address 2001:41d0:1007:1c79::102
netmask 64
# --- BEGIN PVE ---
post-up ip route add 2001:41d0:1007:1cff:ff:ff:ff:ff dev eth0
post-up ip route add default via
2001:41d0:1007:1cff:ff:ff:ff:ff dev eth0
pre-down ip route del default via
2001:41d0:1007:1cff:ff:ff:ff:ff dev eth0
pre-down ip route del 2001:41d0:1007:1cff:ff:ff:ff:ff dev eth0
# --- END PVE ---
Any idea ?
Thanks,
--
Guillaume Hilt
More information about the pve-user
mailing list