Enable IPV6 addresses from pool permanently
I'm trying to set up a few web servers on one VPS, each with it's own IPV6 address. I got an IPV6 Pool from Linode, I followed their instructions on setting them up. Once done I am able to ping the new IPV6 addresses remotely and everything looks great. But after some time (say between 5 and 30 minutes) it stops working. Rebooting doesn't help. But if I revert to "Auto-configure Networking" in the profile and start over again, it works for awhile. I have tried many variations, and looked for help in these forums and elsewhere, but no luck.
Any ideas of what I'm doing wrong?
I have Ubuntu 16.04, and my /etc/network/interfaces file looks like this:
# The loopback network interface
iface lo inet loopback
# This is an autoconfigured IPv6 interface
# iface eth0 inet6 auto
# The primary network interface
iface eth0 inet static
# Add DNS resolvers for resolvconf. Can mix IPv4 and IPv6.
dns-nameservers 22.214.171.124 2600:3c01::5
# IPv6 gateway and primary address.
iface eth0 inet6 static
Auto-configure networking automatically statically reconfigures your networking file on boot, so any changes to it (adding the /64 block) would be removed after the Linode is rebooted.
In order to configure the /64 block, you'll first want to ensure that you disable Auto-configure networking. Once you do that you can add the following to your
# IPv6 gateway and primary address. iface eth0 inet6 static address 2600:3c01:e000:02b9::1/64 gateway fe80::1 # Add a second IPv6 address. iface eth0 inet6 static address 2600:3c01:e000:02b9::2/64
Once you add that, you can reboot your Linode to confirm that it will remain statically configured.
You can confirm by running the
ip a| grep "inet" command, it should look something like this:
root@localhost:~# ip a| grep "inet" inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host inet $ipv4address/24 brd 126.96.36.199 scope global eth0 inet6 2600:3c01:e000:02b9:::2/64 scope global inet6 2600:3c01:e000:02b9:::1/64 scope global inet6 $linklocalipv6/64 scope link
I hope that helps!
That won't work out of the box (or it will for a bit then break), because you're not configuring the primary address, which is needed for the routed /64. When configuring IPv6 addresses statically with /etc/network/interfaces, SLAAC is completely disabled, so you have to configure every address you want to use, including the primary. Your /etc/network/interfaces (or some file in /etc/network/interfaces.d) should contain all of this:
iface eth0 inet6 static address 2600:3c01::<primary IPv6>/64 gateway fe80::1 iface eth0 inet6 static address 2600:3c01:e000:02b9::1/64
To add more addresses, just add another block, like this:
iface eth0 inet6 static address 2600:3c01:e000:02b9::2/64
Victory! I got it my IPs up and running without failing. Thanks to both dwfreed and hmorris for your help.
In addition to your suggestions, I took out the following line from my /etc/network/interfaces file:
That line wasn't in the sample in the documentation, but I thought it was necessary. Taking it out, along with the other tips solved my problem.
I'm struggling with this. Every time I update my interfaces file I can't get to my website, and I have to turn auto-networking back on to get it back up.
You are stating this:
iface eth0 inet6 static
address 2600:3c01::<primary ipv6="">/64
What do you mean by "<primary7 ipv6="">". Put that in literally? Or substitute that with something else? </primary7>
The full IPv6 address of my site is: 2600:3c02::f03c:91ff:fe67:c4b2 / 64 ( arius.shoptris.com ) or without the double-colon notation it's 2600:3c02:0000:0000:f03c:91ff:fe67:c4b2
I've tried this every which way but loose but anything I try locks up my web site.
I tried this, and it doesn't shut down the web site, but "curl -6 -sIL shoptris.com" still doesn't work
iface eth0 inet6 static
I have followed this procedure to associate an additional IPv6 IP in my /64 prefix with eth0, but it doesn't route any traffic?
I am able to do
ping6 -I 2600:3c00::f03c:91ff:fec7:e122 ipv6.google.com and it works (that was my default assigned IPv6), but
ping6 -I 2600:3c00::f03c:91ff:fec7:e123 ipv6.google.com doesn't work (I associated that one manually with
ifconfig eth0 add 2600:3c00::f03c:91ff:fec7:e123/64)
Anyone have success with this?
DigitalOcean gives a much smaller range (only 16 IPs), but I have no problem doing the same thing there.
Out of the primary IPv6 subnet, in this case 2600:3c00::/64, you only have 1 IPv6 address available to use by default, 2600:3c00::f03c:91ff:fec7:e122. If you've been given a routed /64 or /56 by Linode support, the IPv6 range would start with "2600:3c00:e". If you've been given a /116 by support, then the range you could use would be something like 2600:3c00::000 - 2600:3c00::fff. If you haven't opened a ticket and asked for it, then you don't have any of these.
The instructions provided by hmorris on the first answer of this question pertain to Debian and versions of Ubuntu prior to 18.04.
For CentOS 7 and 8, you can use the
IPV6ADDR_SECONDARIES configuration option in your
/etc/sysconfig/network-scripts/ifcfg-eth0 file after first disabling Network Helper.
Assuming that you were using the
f123:abc4:e6e6:40c1:: pool, you can disable Network Helper and define these addresses at the bottom of your
/etc/sysconfig/network-scripts/ifcfg-eth0 file like so:
It is important to use double-quote marks around all of your IP addresses and to separate the IP addresses with spaces.
Once you restart your Linode, you should be able to reach your Linode through the IPv6 addresses defined in this fashion. You may define as little as one IP address this way.
I would also review our static network configuration guide for CentOS 7 here:
I was having trouble with this too. Linode gave me my own personal /64 block, but when I tried to use an IP address from the /64 pool, it worked only intermittently.
The problem was that I was assigning ONLY an IP from the /64 block, but the primary IP is still required too (and link-local it seems).
My system now has 3 IPv6 addresses: The primary, the link-local, and one selected from my own /64 pool.
Now I just need to figure out how to force my system to use only the IP from my /64 range as the primary one is 'tainted' due to spammers. This is actually why Linode gave me my personal /64 for my sole use. Read more here: https://www.linode.com/community/questions/11471/spamhaus-blocking-all-ipv6-linode-addresses
I am having exactly the same issues as @TTimo. I have the primary (SLAAC) address configured, the link local and an address out of the new /64 range.
I assigned the new ipv6 /64 range from the network tab on the linode configuration page.
Is that how others got their address to fix the Spamhaus blacklisting problem? Or was it assigned by linode and they set up the appropriate routing?
I have made the changes to /etc/network/interfaces.
I can access my webserver locally using telnet on the newly assigned address.
I have used curl to try to get out on the new address. It doesn't work. Using the SLAAC address it works.
The following doesn't work
curl -6 --interface 2600:3c01:e000:2fe::1 http://www.usenix.org.uk/content/rblcheck
The following with the primary address works
curl -6 --interface 2600:3c01::f03c:91ff:fe1f:1df0 http://www.usenix.org.uk/content/rblcheck