wiki:enable_ipv6_lxc_containers
Table of Contents
Enable ipv6 for lxc containers
Add to container config (substitute correct ipv6 address):
lxc.network.ipv6 = 2a01:123:11:99e:10:10:10:10/120 lxc.network.ipv6.gateway = auto
Check firewall
/etc/shorewall6/rules
... SSH(ACCEPT) net lxc:[2a01:123:11:99e:10:10:10:10] Trcrt(ACCEPT) net lxc:[2a01:123:11:99e:10:10:10:10] ...
/etc/shorewall6/zones
... #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall net ipv6 lxc ipv6 ...
/etc/shorewall6/interfaces
... #ZONE INTERFACE OPTIONS net enp0s31f6 tcpflags lxc br0 bridge ...
and ipv6 forwarding on host
sysctl net.ipv6.conf.all.forwarding sysctl -w net.ipv6.conf.all.forwarding=1
Edit /etc/sysctl.conf for persistence when rebooted if necessary.
Add ipv6 address to host's bridge interface
ip addr add 2a01:123:11:99e:10:10:10:1/120 dev br0
Example from /etc/network/interfaces:
... iface br0 inet6 static address 2a01:123:11:99e:10:10:10:1 netmask 120 ...
Add ipv6 address and default route in container
Order of commands matter. First add containers ip address (otherwise you get RTNETLINK answers: No route to host).
ip addr add 2a01:123:11:99e:10:10:10:10/120 dev eth0 ip -6 route add default via 2a01:123:11:99e:10:10:17:1
Tested on
See also
References
wiki/enable_ipv6_lxc_containers.txt · Last modified: 2021/05/19 11:59 by antisa