Problems with IPv6 and Vultr

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Goran_Mekić <meka_at_tilda.center>
Date: Tue, 05 Dec 2023 12:02:22 UTC
Hello,

I have a problem with IPv6 and Vultr VM. I am getting 
2001:19f0:5401:1699::/64
on vtnet0 and I would like to use that block for host and jails, but for 
some
reason that box doesn't respond to any ping except the one set on vtnet0.

/etc/rc.conf:
hostname="ipv6"
sshd_enable="YES"
ntpd_enable="YES"
static_routes="linklocal"
route_linklocal="-net 169.254.0.0/16 -interface vtnet0"
sendmail_enable="NONE"
dhclient_program="/usr/local/sbin/dhcpcd"
ifconfig_vtnet0="DHCP -rxcsum -tso"
ifconfig_vtnet0_ipv6="inet6 2001:19f0:5401:1699::1/128 -rxcsum6 -tso6"
cloned_interfaces="bridge0"
ifconfig_bridge0_ipv6="inet6 2001:19f0:5401:1699::2/64 auto_linklocal"
ipv6_cpe_wanif="vtnet0"


/usr/local/etc/dhcpcd.conf:
duid
persistent
vendorclassid
option domain_name_servers, domain_name, domain_search
option classless_static_routes
option interface_mtu
option host_name
option rapid_commit
require dhcp_server_identifier
slaac private
interface vtnet0
   ipv6rs
   ipv6ra_noautoconf


/usr/local/etc/dhcpcd.exit-hook:
#!/bin/sh

# Without this I can not ping jails from host, but I'm not sure why I 
have to
# do it explicitly
/sbin/route -6 change -net 2001:19f0:5401:1699::/64 -iface bridge0


Some more info:
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
100.68.0.0/18      link#1             U        vtnet0
100.68.15.72       link#2             UHS         lo0
127.0.0.1          link#2             UH          lo0
169.254.0.0/16     link#1             US       vtnet0
169.254.169.254    100.68.0.1         UGH      vtnet0

Internet6:
Destination                       Gateway Flags     Netif Expire
::/96                             link#2 URS         lo0
default                           fe80::fc00:4ff:feaa:8dae%vtnet0 UG     
vtnet0
::1                               link#2 UHS         lo0
::ffff:0.0.0.0/96                 link#2 URS         lo0
2001:19f0:5401:1699::/64          link#3 US      bridge0
2001:19f0:5401:1699::1            link#2 UHS         lo0
2001:19f0:5401:1699::2            link#2 UHS         lo0
fe80::%lo0/10                     link#2 URS         lo0
fe80::%vtnet0/64                  link#1 U        vtnet0
fe80::5400:4ff:feaa:8dae%lo0      link#2 UHS         lo0
fe80::%lo0/64                     link#2 U           lo0
fe80::1%lo0                       link#2 UHS         lo0
fe80::%bridge0/64                 link#3 U       bridge0
fe80::5a9c:fcff:fe10:9356%lo0     link#2 UHS         lo0
ff02::/16                         link#2 URS         lo0



# ifconfig
vtnet0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> 
metric 0 mtu 1500
  options=4c00ba<TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,LINKSTATE,TXCSUM_IPV6>
     ether 56:00:04:aa:8d:ae
     inet 100.68.15.72 netmask 0xffffc000 broadcast 100.68.63.255
     inet6 2001:19f0:5401:1699::1 prefixlen 128
     inet6 fe80::5400:4ff:feaa:8dae%vtnet0 prefixlen 64 scopeid 0x1
     media: Ethernet autoselect (10Gbase-T <full-duplex>)
     status: active
     nd6 options=1<PERFORMNUD>
lo0: flags=1008049<UP,LOOPBACK,RUNNING,MULTICAST,LOWER_UP> metric 0 mtu 
16384
  options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
     inet 127.0.0.1 netmask 0xff000000
     inet6 ::1 prefixlen 128
     inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
     groups: lo
     nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
bridge0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> 
metric 0 mtu 1500
     options=0
     ether 58:9c:fc:10:93:56
     inet6 fe80::5a9c:fcff:fe10:9356%bridge0 prefixlen 64 scopeid 0x3
     inet6 2001:19f0:5401:1699::2 prefixlen 64
     id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
     maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
     root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
     groups: bridge
     nd6 options=61<PERFORMNUD,AUTO_LINKLOCAL,NO_RADR>


If I ping 2001:19f0:5401:1699::2 this is what I have on vtnet0:
# tcpdump -nvi vtnet0 icmp6
tcpdump: listening on vtnet0, link-type EN10MB (Ethernet), snapshot 
length 262144 bytes
12:54:42.327405 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 
32) fe80::fc00:4ff:feaa:8dae > ff02::1:ff00:2: [icmp6 sum ok] ICMP6, 
neighbor solicitation, length 32, who has 2001:19f0:5401:1699::2
       source link-address option (1), length 8 (1): fe:00:04:aa:8d:ae
12:54:43.337581 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 
32) fe80::fc00:4ff:feaa:8dae > ff02::1:ff00:2: [icmp6 sum ok] ICMP6, 
neighbor solicitation, length 32, who has 2001:19f0:5401:1699::2
       source link-address option (1), length 8 (1): fe:00:04:aa:8d:ae
12:54:44.361596 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 
32) fe80::fc00:4ff:feaa:8dae > ff02::1:ff00:2: [icmp6 sum ok] ICMP6, 
neighbor solicitation, length 32, who has 2001:19f0:5401:1699::2
       source link-address option (1), length 8 (1): fe:00:04:aa:8d:ae


What is weird is that the VM knows where that IP is:
# ndp -na
Neighbor                             Linklayer Address  Netif Expire    
1s 5s
2001:19f0:5401:1699::1               56:00:04:aa:8d:ae vtnet0 permanent R
fe80::fc00:4ff:feaa:8dae%vtnet0      fe:00:04:aa:8d:ae vtnet0 44s       R R
fe80::5400:4ff:feaa:8dae%vtnet0      56:00:04:aa:8d:ae vtnet0 permanent R
2001:19f0:5401:1699::2               58:9c:fc:10:93:56 bridge0 permanent R
fe80::5a9c:fcff:fe10:9356%bridge0    58:9c:fc:10:93:56 bridge0 permanent R


What am I doing wrong?

Regards,
meka