Changes for page IPv6
Last modified by Sebastian Marsching on 2022/05/29 14:06
From version 4.1
edited by Sebastian Marsching
on 2022/05/29 14:06
on 2022/05/29 14:06
Change comment:
There is no comment for this version
To version 1.2
edited by Sebastian Marsching
on 2022/05/29 13:29
on 2022/05/29 13:29
Change comment:
Added tag [Network]
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Parent
-
... ... @@ -1,1 +1,1 @@ 1 -Network.IP.WebHome 1 +Miscellaneous.Network.IP.WebHome - Content
-
... ... @@ -23,7 +23,7 @@ 23 23 24 24 With the default MTU setting of 1480 I experienced strange problems: Sometimes, connections got "stuck". By manually setting the MTU for the `tun6to4` interface to 1280 these problems could be solved. I guess, that these problem might be related to packet fragmentation when encapsulating the IPv6 packet within an IPv4 packet. 25 25 26 -See also: [[Path MTU Discovery issues|doc:Network.IP.WebHome|anchor="HPathMTUDiscoveryIssues"]] 26 +See also: [[Path MTU Discovery issues|doc:Miscellaneous.Network.IP.WebHome|anchor="HPathMTUDiscoveryIssues"]] 27 27 28 28 # IPv6 with Xen routed setup 29 29 ... ... @@ -89,13 +89,11 @@ 89 89 1. Configuration gets easier: We do not have to create host routes, the routes will be automatically determined by the subnet prefix for the address. In the example 90 90 91 91 above, a route for target `2002:ffff:ffff:1::/64` using the correct `vif`-device will be created automatically. There is also no need to manually configure a host-route to the gateway within the domU: The gateway's address (for `mydomu1` in the example it is `2002:ffff:ffff:1::1`) is within the subnet of the DomU. 92 - 93 93 1. We can easily add extra IP addresses to the DomU: As the Dom0 routes the whole subnet to the DomU, we can just add any address (except the gateway address) within 94 94 95 95 the `/64` subnet to the DomU, without having to change any configuration within the Dom0. 95 +1. The IPv6 address space is vast: If we have a `/48` subnet for the whole Xen host and we use a `/64` subnet for each DomU, we can create up to nearly 2^16 [DomUs](https://sebastian.marsching.com/wiki/DomUs) on one Xen host. These are more [DomUs](https://sebastian.marsching.com/wiki/DomUs) than you will ever run on a single Xen host. 96 96 97 -1. The IPv6 address space is vast: If we have a `/48` subnet for the whole Xen host and we use a `/64` subnet for each DomU, we can create up to nearly 2^16 DomUs on one Xen host. These are more DomUs than you will ever run on a single Xen host. 98 - 99 99 In order to make this setup work, we still have to ensure that the script `/etc/xen/scripts/vif-routed-ipv6` is called on the startup of a DomU. The easiest way is to patch `/etc/xen/scripts/vif-routed` using the following patch: 100 100 101 101 ```diff ... ... @@ -319,6 +319,7 @@ 319 319 mkdir -p "`dirname "${prefix_file}"`" 320 320 echo -n "${new_prefix}" >"${prefix_file}" 321 321 fi 320 + 322 322 ``` 323 323 324 324 In this script, you have to adjust your internally used prefix (when choosing a ULA prefix, you should use a random number from the range fc::/7 in order to avoid colissions when connecting different networks using addresses from the ULA space). Like in the other configuration files, you have to change the interface name from `eth0` to whichever is the name of the interface that connects to the Internet router. ... ... @@ -340,7 +340,7 @@ 340 340 341 341 In my case, the actual setup is even a bit more complex: I do not want the internal router to be a single point of failure. For the DSL router on the edge of the network this is acceptable because there is no reasonable way to avoid this. A simple router box is also less likely to fail than a "real" computer and software updates requiring a reboot are less frequent, too. 342 342 343 -I will not discuss here the details of the fail-over setup of the network interfaces. I use a [ [HA solution|doc:Linux.Open_vSwitch.WebHome|anchor="fail-over-interface"]]involving OpenVSwitch. For the rest of this tutorial, it is assumed that fail-over is working for the network interfaces and that the network interface facing the Internet router (`eth0`) uses the same MAC address on all nodes of the HA cluster and is only active on a single node at once.342 +I will not discuss here the details of the fail-over setup of the network interfaces. I use a [HA solution](https://sebastian.marsching.com/wiki/Linux/OpenVSwitch#Using_Open_vSwitch_for_a_high-availability_.2F_fail-over_interface) involving OpenVSwitch. For the rest of this tutorial, it is assumed that fail-over is working for the network interfaces and that the network interface facing the Internet router (`eth0`) uses the same MAC address on all nodes of the HA cluster and is only active on a single node at once. 344 344 345 345 The remaining challenge is to ensure that the DHCPv6 client uses the same prefix when fail-over from one node to another one happens. If the prefix changed, existing connections would be interrupted. 346 346