Recently we had issues with adding IPv6 to the OpenVZ containers. Here is the steps we used to enable and add IPv6 to OpenVZ. Following steps has been performed on a CentOS 6.5 node with CentOS 6.5 container, please adjust the settings suits to the distro that you are using.

******* All IPs/Hostnames (except google DNS/Hostnames) appearing in this work are fictitious.
Any resemblance to real IPs/Hostnames, living or dead, is purely coincidental *******

1. Check whether the kernel IPv6 module is loaded.

[root@srvr1 ~]# lsmod | grep ipv6
ipv6 322874 67 ip6t_REJECT

2. We need to enable packet forwarding for IPv6 and also need to change some other values on sysctl.

[root@srvr1 ~]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.all.proxy_ndp = 1
net.ipv6.bindv6only = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0

3. Add the folowwing details to /etc/sysconfig/network.

NETWORKING_IPV6=YES
IPV6FORWARDING=yes
IPV6_DEFAULTDEV=eth1
IPV6_DEFAULTGW=20061:19gd98:300:1091::1
IPV6_AUTOCONF=no

“IPV6_DEFAULTDEV” — Default device for IPv6
“IPV6_DEFAULTGW” — IPv6 default gateway IP

4. Add the following to /etc/sysconfig/network-scripts/ifcfg-eth1

IPV6INIT=yes
IPV6ADDR=”20061:19gd98:300:1091::2/64″

Whole /etc/sysconfig/network-scripts/ifcfg-eth1 will look like this,

root@srvr1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=”eth1″
BOOTPROTO=none
BROADCAST=”212.105.149.7″
DNS1=”8.8.8.8″
GATEWAY=”212.105.149.1″
IPADDR=”212.105.149.3″
NETMASK=”255.255.255.248″
NM_CONTROLLED=”yes”
ONBOOT=”yes”
TYPE=”Ethernet”
UUID=”47cc50cdf0-729d-4196-9edc-472fc052dbd9″
HWADDR=00:15:890:C8:F2:79
PREFIX=29
DNS2=8.8.4.4
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=yes
IPV6ADDR=”20061:19gd98:300:1091::2/64″
NAME=”System eth1″
LAST_CONNECT=1392492446

5. Check the output of following command is 0

cat /proc/sys/net/ipv6/conf/default/disable_ipv6

6. Disable ip6tabels,

service ip6tables stop
chkconfig ip6tables off

7. Restart network

service networking restart

8. Add IPv6 to the container

vzctl set 1001 –ipadd 20061:19gd98:300:1091::3/128 –save

Important : OpenVZ does not support IP prefix. It only supports a single IP, ie, prefix 128 in IPv6 (same as 32 in IPv4)

9. Enter to the container and check,

vzctl enter 1001

root@cent1 [/]# ping6 -c 4 ipv6.google.com

PING ipv6.google.com(lga15s34-in-x02.1e100.net) 56 data bytes 64 bytes from lga15s34-in-x02.1e100.net: icmp_seq=1 ttl=56 time=7.82 ms

🙂

Leave a Reply

Your email address will not be published. Required fields are marked *