0

I am bringing up a rack of server is a co-hosting location and so far I have been using it with IPv4 and using NAT for the in-rack network. I want to add IPv6 so that I can address all the processors from the outside without NAT. My home ISP gives me IPv6 service so I do not need any IPv6 tunnels to do this. The co-location facility has also provided me with an IPv6 /64 prefix.

My gateway system is a Linux 14.04 system. I can ssh with either IPv4 or IPv6 into it and from there ssh to the other IPv4 devices in the rack and I can also ping6 devices in the rack.

The connection to the outside world is br4/eth4. The connection to the in-rack network is br6/eth6. (I use linux bridges (br4/br6) so that any VMs I bring up can use those as interfaces to share the physical port.)

The br4 interface has a static configuration in /etc/network/interfaces like this:

auto br4
iface br4 inet static 
address 64.999.999.112
netmask 255.255.255.240
broadcast 64.999.999.127
gateway 64.999.999.113
dns-nameserver 8.8.8.8 
dns-nameserver 8.8.4.4
dns-search hellothere.com
bridge_ports eth4
bridge_stp off
bridge_fd 0
bridge_maxwait 0

iface br4 inet6 static
address 2001:999:1:999::2 
netmask 64
gateway 2001:999:1:999::1

Then the inside network gets:

auto br6
iface br6 inet static 
address 10.1.0.1
netmask 255.255.0.0
broadcast 10.0.255.255
bridge_ports eth6
bridge_stp off
bridge_fd 0
bridge_maxwait 0

I added radvd and set its configuration file to the following:

interface br6 
{
   AdvSendAdvert on;
   prefix 2001:999:1:999::/64
   {
   };
   RDNSS 2001:470:20::2
   {
       AdvRDNSSLifetime 30;
   };
};

Once I did that, the internal systems were able to assign themselves IPv6 global addresses. For example:

$ ifconfig
eno1      Link encap:Ethernet  HWaddr e8:8d:f5:10:0b:40  
      inet addr:10.1.0.106  Bcast:10.1.255.255  Mask:255.255.0.0
      inet6 addr: 2001:999:1:999:eaff:f5ff:fe10:b40/64 Scope:Global
      inet6 addr: fe80::eaff:f5ff:fe10:b40/64 Scope:Link

However I can ping6 the link-local address from the gateway system but not the global.

So how to get connectivity to the in-rack Global addresses? I tried installing ufw but it doesn't seem to do what I want.

Can anyone suggest the next steps?

AlanObject
  • 662
  • 2
  • 9
  • 20

0 Answers0