You are not logged in.
Pages: 1
Hello dear archlinux community.
Recently I converted to netctl and had some trouble with it.
With the new system I also tried a new thing (and there is not much to find on google):
I wanted to use vlans on my archlinux vserver to listen on multiple IPv6 addresses.
The eth0 interface is reachable via IPv4&6 from outside but the virtual eth0.10 is not.
Do I have the config right? Any logic problems?
Description='uplink ipv4/6'
Interface=eth0
Connection=ethernet
IP=dhcp
## for IPv6
#IP6=dhcp
IP6=static
Address6=('my:ip:v:6::1/64')
and for the vlan
Description='vlan10 on interface eth0'
Interface=eth0.10
Connection=vlan
BindsToInterfaces=eth0
VLANID=10
#IP=no
#IP=static
#Adress=('127.0.0.1/8')
IP6=static
Address6=('my:ip:v:6::10/64')
For some diagnostics
ip -6 route
my:ip:v:6::/64 dev eth0 proto kernel metric 256
my:ip:v:6::/64 dev eth0.10 proto kernel metric 256
fe80::/64 dev eth0 proto kernel metric 256
fe80::/64 dev eth0.10 proto kernel metric 256
default via fe80::4 dev eth0 metric 202
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether x:x:x:x:x:x brd ff:ff:ff:ff:ff:ff
inet my.ip.v.4/22 brd 37.221.195.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 my:ip:v:6::1/64 scope global
valid_lft forever preferred_lft forever
inet6 x::x:x:x:x/64 scope link
valid_lft forever preferred_lft forever
3: eth0.10@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether x:x:x:x:x:x brd ff:ff:ff:ff:ff:ff
inet6 my:ip:v:6::10/64 scope global
valid_lft forever preferred_lft forever
inet6 x::x:x:x:x/64 scope link
valid_lft forever preferred_lft forever
/edit
Had to append two lines to /etc/sysctl.conf to get IPv6 working on eth0 in the first place
net.ipv6.conf.eth0.autoconf = 0
net.ipv6.conf.eth0.accept_ra = 0
Excuse my bad english ^^
Hope to see some replies soon
Last edited by raunz (2013-05-21 11:46:32)
Offline
You're using the same subnet in both VLAN's? That's possibly causing asymmetric routing (ie, packet comes in eth0.10, your kernel routes it back via eth0). Not a huge issue in itself, although an upstream firewall might not like it.
The upstream router probably has the same issue; it sees my:ip:v:6::1/64 is on it's eth0 interface, so it routes traffic for my:ip:v:6::10 via eth0 instead of eth0.10 although IIRC Linux does answer for any address it owns on any interface, but that might have changed for IPv6, I haven't tested it.
May I ask why you have the same subnet in multiple Layer 2 networks?
EDIT: by the way, to make the obfuscation of your IP address easier to read, in future just replace the first couple of Chazwazzas* with 2001:db8:: so 2001:87aa:2822:ab34::10 becomes 2001:db8::2822:ab34::10 (yes, it's an invalid address, but it makes it easier to read as an IPv6 address still)
* There's still no accepted name for the 'parts' of an IPv6 address: http://tools.ietf.org/html/draft-denog- … ection-4.1
Last edited by fukawi2 (2013-05-21 22:12:10)
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Yes I do because my vserver provider is giving me a full range of adresses: 2001:db8:2:14c::/64
How am I supposed to use all of these addresses?
I tried to assign different SSL Certs to the interfaces.
rgds
Offline
You need to describe your setup in more detail for us.
At the moment, my understanding is that you have the below arrangement; is this correct?
+------------------------+
| INTERNET |
+---------+--------------+
|
|
|eth0
+---------v--------------+
| VSERVER |
+---------+--------------+
|eth0.10
|
|
|
+---------v--------------+
| Some other network |
+------------------------+
(Created with http://www.asciiflow.com/)
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
More something like this:
+------------------------+
| INTERNET |
+---------+---------+----+
| |
| |
|eth0 |eth0.10 / eth0.20 / eth0.21 / ...
+---------v---------v----+
| VSERVER |
+------------------------+
I got one IPv4 address and several IPv6 addresses which I want to make reachable from the internet.
... if thats even possible
Last edited by raunz (2013-05-28 07:50:12)
Offline
Is that how your provider sets it up or have you created that setup?
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Pages: 1