0

I’m setting up IPv6 on my existing VPS and backup server. The VPS is located in Fremont on Linode, and the backup server is located in New Zealand. I have several VPSs within the Fremont data center.

The VPSs are set up using systemd-networkd and can ping each other. But I experienced the perplexing issue where one or more of them can't ping the NZ backup server over IPv6. The address resolves correctly, but the packets are simply reported as lost. IPv4 working fine in all cases.

Strangely enough, the solution is simply to ping some other IPv6 addresses, and then, with luck, eventually the packets from the VPS to the NZ backup server are routed correctly and ping works correctly with no lost packets.

I’m wondering if there are some issues routing between Fremont and NZ. If so, where is the routing state stored? In the hypervisor? In my VPS? Is there some way I can figure out what is causing this problem?

I'd just like to understand a bit better what is going on here, and if there is anything I can do to improve the reliability of IPv6 within my infrastructure.

ioquatix
  • 101
  • 2
  • 4
    You'll have to ask Linode to help you debug this. They are the only ones who can look into their infrastructure. – Sander Steffann Jun 27 '16 at 10:15
  • 1
    Looks like an issue with your network provider and they'd have to solve this. But in the worst case scenario and when switching providers isn't an option, assuming IPv4 works fine you could tunnel IPv6 in IPv4 between your two servers. – André Borie Jun 27 '16 at 10:36
  • It would be nice to have an answer which explains, at the protocol level, what is going on, e.g. is this a problem with upstream routers? ICMPv6? MTU discovery? – ioquatix Jul 03 '16 at 02:05
  • It could be all of the above. We have no way to debug this for you. If you want to see what's going on I suggest you start by making packet captures at both hosts to see which packets are lost/corrupted. Also check whether you can reach other hosts over IPv6 and which ones you can't to see if there's a pattern (maybe they share the same upstream provider). Take a look at this as well: http://mina.naguib.ca/blog/2012/10/22/the-little-ssh-that-sometimes-couldnt.html it describes how someone figured out which upstream router was corrupting packets between their servers. – André Borie Oct 14 '16 at 06:46

0 Answers0