Life, the Universe and Everything

some more mind ramblings

« ISCWN 2010 in Vienna, August 12-15

IPv6 and Xen on a Hetzner hosted system

Filed under Uncategorized by wnagele

Now that Hetzner is offering IPv6 natively we decided to enable it on our Xen virtualized systems. It seems that there is some confusion in the customer forum (link only available to Hetzner customers) as to how this can be achieved with the routed network Hetzner is using.

I will explain my solution to this, if you have input and/or improvements i would be glad to hear them. This approach is based on using proxy_ndp and can only route specific IPv6 addresses to a domU. We currently have no need for subnet routing and i did not look into that. Our setup is based on Ubuntu 8.04.3 LTS (Codename Hardy) and so is the configuration here and the patch.


First we add a IPv6 address to our physical interface in the dom0:

/etc/network/interfaces
iface eth0 inet6 static
 address 2a01:4f8:100:4463:1::1
 netmask 64
 up ip -6 route add 2a01:4f8:100:4460::1 dev eth0
 up ip -6 route add default via 2a01:4f8:100:4460::1


Enable routing and proxy_ndp on the interfaces:

/etc/sysctl.conf
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.all.proxy_ndp=1


Patch BenV’s vif-route script to enable the use of proxy_ndp:

/etc/xen/scripts/vif-route
--- vif-route.orig    2009-09-28 13:45:40.000000000 +0200
+++ vif-route 2010-07-08 22:36:32.000000000 +0200
@@ -55,6 +55,7 @@
         ifconfig ${vif} ${main_ip} netmask 255.255.255.255 up
        if [ ! -z "${main_ip6}" ]; then
                ip -6 addr add ${main_ip6} dev ${vif}
+               echo 1 >/proc/sys/net/ipv6/conf/${vif}/proxy_ndp
        fi
         echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp
         ipcmd='add'
@@ -80,6 +81,10 @@
                log info "[vif-route] Adding IPv6 address ${addr} with src ${main_ip6} for $vif."
              result=`${cmdprefix} ip -6 route ${ipcmd} ${addr} dev ${vif} src ${main_ip6} 2>&1`
                log info "[vif-route] Result: ${result}"
+
+               log info "[vif-route] Adding IPv6 proxy ${addr} on ${netdev:-eth0}."
+             result=`${cmdprefix} ip -6 neighbor ${ipcmd} proxy ${addr} dev ${netdev:-eth0} 2>&1`
+               log info "[vif-route] Result: ${result}"
        fi
     done
 fi


Now to give a domU a specific IPv6 address you’ll have to adjust the vif statement of that guest configuration:

/etc/xen/<domu>.cfg
vif = [ 'ip=188.40.226.34 2a01:4f8:100:4463:2::1,mac=00:16:3E:EB:42:59' ]


Inside that domU you’ll need to configure this:

/etc/network/interfaces
iface eth0 inet6 static
 address 2a01:4f8:100:4463:2::1
 netmask 64
 gateway 2a01:4f8:100:4463:1::1
, ,
July 13, 2010 at 5:08 pm
Leave a Reply or trackback