Once a geek, forever a geek…

OpenVZ and IPv6 configuration

June 23, 2010 by Marius Voila | 3 Comments

I have not found any recommentation to configure IPv6 for Debian/Lenny/Ubuntu OpenVZ hosts. The OpenVZ project always lacks a bit of documentation when it comes to v6, so here is how you get it working with venet devices.

Add the following to your /etc/sysctl.conf to enable IPv6 package forwarding and proxy neighbor discovery (RFC 4389).

# IPv6 Packet Forwarding and Proxy NDP
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.proxy_ndp = 1
net.ipv6.conf.all.proxy_ndp = 1

Be sure to set a manual route to your default gateway. Once you enable IPv6 package forwarding on your interfaces, routes for auto discovered default gateways are removed from the routing table.

Enable IPv6 in your /etc/vz/vz.conf:

IPV6="yes"

Now just add a new address to one of your containers and enjoy. ;) 

sudo vzctl set 101 --ipadd 2001:b30:5000:2:227:13ff:fe6a:cced --save

Related Posts

Author: Marius Voila

Hi! My name is Marius Voila, and I am a professional system administrator, system architect, and designer.

3 Comments

Leave a reply →

  1. nokoya
    July 28, 2010 at 17:22

    Hello there,

    I notice that proxy_ndp isnt available in Centos. do you ever try this setting on centos ?

  2. Mariusv
    July 28, 2010 at 17:29

    in CentOS i did not try..sorry

  3. Lars Bailey
    December 28, 2010 at 00:43

    IPv6 networking for OpenVZ containers,is no more difficult to setup,than configuring IPv4.
    I use IPv6 exclusively,using a combination of RedHat and Debian containers.
    (non-bridged and bridged virtual Ethernet)
    The use of Proxy_NDP,is not a requirement,although it is often demonstrated in OVZ documentation.
    It has the same effect,as using ProxyARP for IPv4.
    This means,all containers are reachable from within a container.
    You can use the IP command,to add neighbors manually,if you need to.
    As long as you have traffic flow coming from a container,you can use;

    ip -6 neigh show

    on the Node,and all neighboring IPv6 containers are visible.
    As far as VENET,I do not used it.
    I find it limiting,in the types of applications that can be ran in a container.
    In short,if you want RedHat containers to have IPv6 networking,follow the same IPv6 rules as a physical machine.
    For Debian,the same rules apply,sans “modprobe ipv6″.(this is not needed)
    As a side note,OVZ docs do have a “lacking” feature to them.

    Regards

    L.

Leave a Reply

Required fields are marked *.

*