Hello,
I have a VPS at a hoster where I got 3 /64 ipv6 prefixes/subnets, that are routed;
one for the VPS itself - let us call this srvprefix one for the tunnel, only ::1 (server side) and ::2 (home side) are used - let us call this tunnelprefix and one for my network at home - let us call this homeprefix
now I'm just in test state, a CentOS VM is the other end of the tunnel; (when the server runs well, my CentOS ZBOX will become the other end of the tunnel)
at the server
the eth0 device has serverprefix::1, the sit1 device has tunnelprefix::1
the routing is set with /etc/sysconfig/network-scripts/route6-sit1
tunnelprefix::2 dev sit1 homeprefix::/64 via tunnelprefix::2 dev sit1
in sysctl.conf these are set
net.ipv6.conf.all.forwarding = 1 net.ipv6.conf.all.proxy_ndp = 1
now I have to do these
ip -6 neigh add proxy homeprefix::1 dev eth0 ip -6 neigh add proxy homeprefix::### dev eth0
the question, can I do something to avoid these "ip -6 neigh ..."? if yes, what? and how? can the hoster do something? if yes, what?
Thanks,
Walter
my ISP told me that he won't deploy IPv6 within the next 5 years;
On 12/1/20 8:39 PM, Walter H. wrote:
I have a VPS at a hoster where I got 3 /64 ipv6 prefixes/subnets, that are routed;
one for the VPS itself - let us call this srvprefix one for the tunnel, only ::1 (server side) and ::2 (home side) are used - let us call this tunnelprefix and one for my network at home - let us call this homeprefix
now I'm just in test state, a CentOS VM is the other end of the tunnel; (when the server runs well, my CentOS ZBOX will become the other end of the tunnel)
at the server
the eth0 device has serverprefix::1, the sit1 device has tunnelprefix::1
the routing is set with /etc/sysconfig/network-scripts/route6-sit1
tunnelprefix::2 dev sit1 homeprefix::/64 via tunnelprefix::2 dev sit1
in sysctl.conf these are set
net.ipv6.conf.all.forwarding = 1 net.ipv6.conf.all.proxy_ndp = 1
now I have to do these
ip -6 neigh add proxy homeprefix::1 dev eth0 ip -6 neigh add proxy homeprefix::### dev eth0
the question, can I do something to avoid these "ip -6 neigh ..."? if yes, what? and how? can the hoster do something? if yes, what?
I may be missing something, but you have 3 different networks, shouldn't you just configure routing instead of using proxy_ndp?
Regards.
On 02.12.2020 09:16, Roberto Ragusa wrote:
On 12/1/20 8:39 PM, Walter H. wrote:
I have a VPS at a hoster where I got 3 /64 ipv6 prefixes/subnets, that are routed;
one for the VPS itself - let us call this srvprefix one for the tunnel, only ::1 (server side) and ::2 (home side) are used - let us call this tunnelprefix and one for my network at home - let us call this homeprefix
now I'm just in test state, a CentOS VM is the other end of the tunnel; (when the server runs well, my CentOS ZBOX will become the other end of the tunnel)
at the server
the eth0 device has serverprefix::1, the sit1 device has tunnelprefix::1
the routing is set with /etc/sysconfig/network-scripts/route6-sit1
tunnelprefix::2 dev sit1 homeprefix::/64 via tunnelprefix::2 dev sit1
in sysctl.conf these are set
net.ipv6.conf.all.forwarding = 1 net.ipv6.conf.all.proxy_ndp = 1
now I have to do these
ip -6 neigh add proxy homeprefix::1 dev eth0 ip -6 neigh add proxy homeprefix::### dev eth0
the question, can I do something to avoid these "ip -6 neigh ..."? if yes, what? and how? can the hoster do something? if yes, what?
I may be missing something,
can you specify this?
but you have 3 different networks,
yes, my own network at home, the network of the tunnel, and public the network where the VPS is part of;
shouldn't you just configure routing instead of using proxy_ndp?
without these the following is not possible, -> Destination host unreachable
ping6 homeprefix::1 ping6 tunnelprefix::2 ping6 tunnelprefix::1 (the sit1 device of the server itself)
Thanks,
Walter
On 12/2/20 10:02 AM, Walter H. wrote:
On 02.12.2020 09:16, Roberto Ragusa wrote:
but you have 3 different networks,
yes, my own network at home, the network of the tunnel, and public the network where the VPS is part of;
shouldn't you just configure routing instead of using proxy_ndp?
without these the following is not possible, -> Destination host unreachable
ping6 homeprefix::1 ping6 tunnelprefix::2 ping6 tunnelprefix::1 (the sit1 device of the server itself)
If I understand correctly your hoster has assigned you 3 subnetworks but it is not routing them to your VPS, it just expects your VPS to use them on its interface. In this case, yes, you need proxy_ndp, and if there is a way to avoid enumerating each IP I would be interested to know.
If instead tunnelprefix and homeprefix were just externally routed to serverprefix::1 everything would be simpler, but that is not under your control, I assume.
Regards.
-
Roberto Ragusa -
Walter H.