linux – Add IPV6 range / block on network debian configuration

I am configuring a network interface on my server, editing this file /etc/network/interfaces.d/50-cloud-init.cfg

I need to have a list of IP address configured which all are in the same ip-block.
For now i’m writing every single ip address separately on the configuration file.
I would like to know if it’s possible to activate a whole block / range of ip in one shot ?

What i have inside for now s something like this :

auto lo
iface lo inet loopback
    dns-nameservers xxx.xxx.33.99

auto eno1
iface eno1 inet dhcp
    mtu 1500

auto eno1:0
iface eno1:0 inet static
address xx5.xx9.xx.0
netmask 255.255.255.255

auto eno1:1
iface eno1:1 inet static
address xx.xx.xx.1
netmask 255.255.255.255

auto eno1:2
iface eno1:2 inet static
address xx.xx.xx.2
netmask 255.255.255.255

auto eno1:3
iface eno1:3 inet static
address xx.xx.1xx.3
netmask 255.255.255.255

auto eno1:4
iface eno1:4 inet static
address xx.xx.xx.4
netmask 255.255.255.255

auto eno1:5
iface eno1:5 inet static
address xx.xx.xx.5
netmask 255.255.255.255


auto eno1:6
iface eno1:6 inet static
address xx6.xx.xx.6
netmask 255.255.255.255

auto eno1:7
iface eno1:7 inet static
address xx6.xx.xx.7
netmask 255.255.255.255

anyconnect – IPv6 support makes openconnect server vpn connection too slow

I have set up an OpenConnect server (ocserv) on CentOS 8 that is quite fast. However, when I enable IPv6 on it by uncommenting the following line, it becomes painfully slow and upload becomes almost zero.

#ipv6-network = fda9:4efe:7e3b:03ea::/48

I tried enabling ipv6 forwarding and ipv6 masquerading, but it did not help.

It’s worth mentioning that clients realize that IPv6 is supported by the server as they show the IPv6 address given to them by the server. For example, when connected to the server using openconnect the log says:

Connected as 10.10.10.15 + fda9:4efe:7e3b:6b40:f973:5a56:56a0:b1a8/64, using SSL + LZ4, with DTLS + LZ4 in progress

Tried disabling dtls with –no-dtls flag, but it didn’t help.

I need the IPv6 support because some websites require IPv6 and if your ISP has IPv6 support, but your VPN server does not support it, then you are exposing your real IP address to the server, rendering VPN connection useless.

Does anyone know how should I enable Ipv6 support for the VPN server without affecting connection speed?

35% OFF For 3 Months on Centohost.com Dedicated Servers + IPv6 ready, Free setup | NewProxyLists

Are you interested in High End Dedicated Server Hosting Services?

CentoHost.com is a brand of Globalhost d.o.o. which is one of the leading web hosting companies since 2002. We use the latest Dell server technology in our own data center to ensure that our customers get the best performance out of their websites. Our wide selection of web hosting services will cater to your hosting needs whether you’re making a small, simple website, or a high powered, high traffic website. Our main goal is to provide the best technology available with exceptional customer support. With a large client base comes a diverse range of Web hosting requirements. We have tailored our company around these needs by providing flexible and scalable services.

SPECIAL OFFER: First 3 MONTHS – 35% OFF

Our dedicated servers are located in own data center in Europe – Bosnia and Herzegovina. You will get serial console access with performance servers. Plus you will be able to install and customize applications.

Our Features:

  • Unmetered bandwidth
  • Free DDoS protection
  • IPv6 ready
  • Free setup
  • Free hardware RAID
  • Fast setup
  • Dell PowerEdge servers
  • DDR3 ECC RAM
  • Guaranteed resource
  • Server monitoring
  • Remote reboot
  • Single and Dual CPUs

Take a look at Centohost Entry-level Dedicated Servers:
Get started with a Dedicated Server within your budget – (Unmetered bandwidth + Free DDoS protection + IPv6 ready + Free setup)

DELL PowerEdge T20 Server Package
1 x Dual Core Intel Pentium G3220

Speed – 2 x 3.00 GHz
Memory – 8 GB DDR3
Hard Drives – 1 TB (2 x 500 GB SATA3)
Bandwidth – unmetered
PRICE – €59.15/month – ORDER NOW

DELL PowerEdge T20 Server Package
1 x 4 Core Xeon E3-1225v3
Speed – 4 x 3.2 GHz (+HT)
Memory – 8 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA3)
Bandwidth – unmetered
PRICE – €64.35/month – ORDER NOW

HP ProLiant DL360e G8 Server Package
1 x 8 Core Xeon E5-2450L
Speed – 6 x 2.0 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA3)
Bandwidth – unmetered
PRICE – €83.85/month – ORDER NOW

You can also check out Centohost Performance Dedicated Servers:
More powerful servers for medium and large projects – (Unmetered bandwidth + Free DDoS protection + IPv6 ready + Free setup)

DELL PowerEdge R610 Server Package – 1
2 x 6 Core Xeon X5650

Speed – 12 x 2.7 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €157.95/mo – ORDER NOW

DELL PowerEdge R420 Server Package – 1
2 x 6 Core Xeon E5-2430
Speed – 12 x 2.2 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €161.85/mo – ORDER NOW

HP ProLiant DL360e G8 Server Package – 1
2 x 8 Core Xeon E5-2450L
Speed – 16 x 1.8 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €168.35/mo – ORDER NOW

DELL PowerEdge R710 Server Package – 1
2 x 6 Core Xeon X5670
Speed – 12 x 2.93 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €178.10/mo – ORDER NOW

HP ProLiant DL360e G8 Server Package – 1
2 x 8 Core Xeon E5-2440v2
Speed – 16 x 1.9 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €194.35/mo – ORDER NOW

DELL PowerEdge R820 Server Package – 1
4 x 8 Core Xeon E5-4650
Speed – 32 x 2.70 GHz (+HT)
Memory – 64 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €356.85/mo – ORDER NOW

Included with dedicated server:
Fast Setup (In most cases our servers will be ready in just 4 hours after your order)
IPv4 and IPv6 network (All dedicated servers include both IPv4 and IPv6 network connection and addresses)
Unmtered Traffic (All our dedicated servers come with unmetered data transfer)
No Setup Price (All our dedicated servers are with completely FREE setup, even if you pay monthly)
Free DDoS Protection (All dedicated servers in our offer are protected with advanced DDoS protection system)
Free Hardware RAID (We offer FREE Hardware raid controler with all our Performance Servers)

Legal informations:
Globalhost d.o.o., Kralja Tvrtka 15, 72290, Novi Travnik, Bosna i Hercegovina
ID number: 4236611790005
TAX number: 236611790005
MBS: 51-01-0011-15

Contact informations:
E-mail: info@centohost.com
Phone (US): +1-702-323-3802
Phone (EU): +43-72-002-2527
Phone (BA): +386-30-795-066
International Number: +883-5100-128-917-94
Fax: +1-702-323-3844

Not sure which plan is best for you?
No problem. Send us a ticket with your questions and we’ll get back to you with a quote. Free of charge.

[WTS] 35% OFF For 3 Months on Centohost.com Dedicated Servers + IPv6 ready, Free setup

Are you interested in High End Dedicated Server Hosting Services?

CentoHost.com is a brand of Globalhost d.o.o. which is one of the leading web hosting companies since 2002. We use the latest Dell server technology in our own data center to ensure that our customers get the best performance out of their websites. Our wide selection of web hosting services will cater to your hosting needs whether you’re making a small, simple website, or a high powered, high traffic website. Our main goal is to provide the best technology available with exceptional customer support. With a large client base comes a diverse range of Web hosting requirements. We have tailored our company around these needs by providing flexible and scalable services.

SPECIAL OFFER: First 3 MONTHS – 35% OFF

Our dedicated servers are located in own data center in Europe – Bosnia and Herzegovina. You will get serial console access with performance servers. Plus you will be able to install and customize applications.

Our Features:

  • Unmetered bandwidth
  • Free DDoS protection
  • IPv6 ready
  • Free setup
  • Free hardware RAID
  • Fast setup
  • Dell PowerEdge servers
  • DDR3 ECC RAM
  • Guaranteed resource
  • Server monitoring
  • Remote reboot
  • Single and Dual CPUs

Take a look at Centohost Entry-level Dedicated Servers:
Get started with a Dedicated Server within your budget – (Unmetered bandwidth + Free DDoS protection + IPv6 ready + Free setup)

DELL PowerEdge T20 Server Package
1 x Dual Core Intel Pentium G3220
Speed – 2 x 3.00 GHz
Memory – 8 GB DDR3
Hard Drives – 1 TB (2 x 500 GB SATA3)
Bandwidth – unmetered
PRICE – €59.15/month – ORDER NOW

DELL PowerEdge T20 Server Package
1 x 4 Core Xeon E3-1225v3
Speed – 4 x 3.2 GHz (+HT)
Memory – 8 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA3)
Bandwidth – unmetered
PRICE – €64.35/month – ORDER NOW

HP ProLiant DL360e G8 Server Package
1 x 8 Core Xeon E5-2450L
Speed – 6 x 2.0 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA3)
Bandwidth – unmetered
PRICE – €83.85/month – ORDER NOW

You can also check out Centohost Performance Dedicated Servers:
More powerful servers for medium and large projects – (Unmetered bandwidth + Free DDoS protection + IPv6 ready + Free setup)

DELL PowerEdge R610 Server Package – 1
2 x 6 Core Xeon X5650
Speed – 12 x 2.7 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €157.95/mo – ORDER NOW

DELL PowerEdge R420 Server Package – 1
2 x 6 Core Xeon E5-2430
Speed – 12 x 2.2 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €161.85/mo – ORDER NOW

HP ProLiant DL360e G8 Server Package – 1
2 x 8 Core Xeon E5-2450L
Speed – 16 x 1.8 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €168.35/mo – ORDER NOW

DELL PowerEdge R710 Server Package – 1
2 x 6 Core Xeon X5670
Speed – 12 x 2.93 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €178.10/mo – ORDER NOW

HP ProLiant DL360e G8 Server Package – 1
2 x 8 Core Xeon E5-2440v2
Speed – 16 x 1.9 GHz (+HT)
Memory – 32 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €194.35/mo – ORDER NOW

DELL PowerEdge R820 Server Package – 1
4 x 8 Core Xeon E5-4650
Speed – 32 x 2.70 GHz (+HT)
Memory – 64 GB DDR3
Hard Drives – 2 TB (2 x 1 TB SATA) SAS Optional
Bandwidth – unmetered
PRICE – €356.85/mo – ORDER NOW

Included with dedicated server:
Fast Setup (In most cases our servers will be ready in just 4 hours after your order)
IPv4 and IPv6 network (All dedicated servers include both IPv4 and IPv6 network connection and addresses)
Unmtered Traffic (All our dedicated servers come with unmetered data transfer)
No Setup Price (All our dedicated servers are with completely FREE setup, even if you pay monthly)
Free DDoS Protection (All dedicated servers in our offer are protected with advanced DDoS protection system)
Free Hardware RAID (We offer FREE Hardware raid controler with all our Performance Servers)

Legal informations:
Globalhost d.o.o., Kralja Tvrtka 15, 72290, Novi Travnik, Bosna i Hercegovina
ID number: 4236611790005
TAX number: 236611790005
MBS: 51-01-0011-15

Contact informations:
E-mail: info@centohost.com
Phone (US): +1-702-323-3802
Phone (EU): +43-72-002-2527
Phone (BA): +386-30-795-066
International Number: +883-5100-128-917-94
Fax: +1-702-323-3844

Not sure which plan is best for you?
No problem. Send us a ticket with your questions and we’ll get back to you with a quote. Free of charge.

.(tagsToTranslate)webmaster forum(t)internet marketing(t)search engine optimization(t)web designing(t)seo(t)ppc(t)affiliate marketing(t)search engine marketing(t)web hosting(t)domain name(t)social media

networking – ping returns IPV6 address on ubuntu 20.04

I have installed GitLab on a cloud VM and shortly after stood up a second VM as a postfix server with the same provider (Hetzner)

I first noticed a problem when I went back to the GitLab server to enable SMTP Email and nothing was being sent, not even any logs on the mail server to say a connection was attempted.

I tried to ping the mail server from gitlab and got back only a single response and no further responses not matter how long I wait.

root@gitlab:~# ping mail.simoncarr.co.uk
PING mail.simoncarr.co.uk(2a01:4f8:c2c:a992:: (2a01:4f8:c2c:a992::)) 56 data bytes

As you can see it is an IPV6 response. I don’t remember doing anything other than enabling the ufw that would have impacted networking on gitlab.

I have turned off ufw on gitlab and the mail server, and get the same behaviour.

If I ping an external server I still get an IPV6 response, but I do at least get multiple responses.

root@gitlab:~# ping bbc.co.uk
PING bbc.co.uk(2a04:4e42:600::81 (2a04:4e42:600::81)) 56 data bytes
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=1 ttl=58 time=3.68 ms
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=2 ttl=58 time=3.47 ms
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=3 ttl=58 time=3.52 ms
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=4 ttl=58 time=3.50 ms
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=5 ttl=58 time=3.49 ms

If I ping the gitlab server, I get IPV4 response and they are repeated as you would expect.

PING gitlab.simoncarr.co.uk (168.119.124.76) 56(84) bytes of data.
64 bytes from static.76.124.119.168.clients.your-server.de (168.119.124.76): icmp_seq=1 ttl=58 time=0.878 ms
64 bytes from static.76.124.119.168.clients.your-server.de (168.119.124.76): icmp_seq=2 ttl=58 time=0.463 ms
64 bytes from static.76.124.119.168.clients.your-server.de (168.119.124.76): icmp_seq=3 ttl=58 time=0.353 ms
64 bytes from static.76.124.119.168.clients.your-server.de (168.119.124.76): icmp_seq=4 ttl=58 time=0.419 ms

If I ping an external server from the mail server, I again get an IPV6 response.

root@mail:~# ping bbc.co.uk
PING bbc.co.uk(2a04:4e42:600::81 (2a04:4e42:600::81)) 56 data bytes
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=1 ttl=58 time=6.68 ms
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=2 ttl=58 time=6.24 ms
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=3 ttl=58 time=6.23 ms
64 bytes from 2a04:4e42:600::81 (2a04:4e42:600::81): icmp_seq=4 ttl=58 time=6.16 ms

The only thing, that I have changed on the mail server, that is related to networking is to add reverse DNS addresses to both IPV4 and IPV6 addresses.

I want to be able to connect from GitLab server to my mail server to send SMTP email. Even with ufw disabled on both servers, GitLab is not communicating with the mail server. I can’t help but think the issue is related to the behaviour I have described above.

HTTP web traffic to my GitLab server is working fine and my mail server is sending and receiving email fine, from mail clients and other SMTP servers.

I need IPv6 /32 BGP announcement in Africa

Hi everyone!

I need IPv6 /32 BGP announcement in Africa

Please contact me if you can offer it…. | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1835530&goto=newpost

smtp – Configure postfix to send via IPV4 but receive using both IPV4 & IPV6?

Is it possible to configure postfix to send via IPV4 only but receive using both IPV4 & IPV6?

My server, running on AWS Lightsail, now can have an IPV6 address. The address is relatively static (as long as I keep IPV6 active on the instance), but it’s not truly static because I can’t move the address from server to server (like I can do with the static IPV4 address). I also can’t (currently) as Amazon to assign an PTR record for the IPV6 address.

As I have the IPV6 address available, I’d like to be able to receive mail using either IPV4 or IPV6 but only send using IPV4.

I know I can set postfix to only listen on the IPV4 address using the inet_protocols setting.

networking – How to use IPv6 internet addresses on Linux with systemd-networkd

I haven’t found so far a simple example like this to understand the basics with reference to the sources. It’s more a prove of concept but it has taken me some effort, so I will share it with the community step by step.

Preparations

I use three virtual machines on KVM (Kernel-based Virtual Machine), all with Debian 11 (bullseye, at this time testing version) and using terminology from RFC 2460:
Node is an interface enabled for IPv6.
Router is any node that forwards IPv6 packets that are not expressly addressed to it.
Host is any node that’s not a router.

I use the IPv6 Address Prefix 2001:DB8::/32 Reserved for Documentation (RFC 3849) that is usable for valid global unicast addresses but not routed to the internet.

To have things by hand, here are some specifications:

There are some address types used (RFC 4291)

Unspecified          ::/128
Loopback             ::1/128
Multicast            FF00::/8
Link-Local unicast   FE80::/10
Global Unicast       (everything else)
Global Anycast       (same as Global Unicast)   not used in this example

Scope of Multicast addresses (RFC 4291):

FF00::  reserved
FF01::  Interface-Local scope
FF02::  Link-Local scope
FF03::  reserved
FF04::  Admin-Local scope
FF05::  Site-Local scope
FF06:: to FF07::  (unassigned)
FF08::  Organization-Local scope
FF09:: to FF0D::  (unassigned)
FF0E::  Global scope
FF0F::  reserved

Well-known IPv6 multicast addresses (extract – complete list at IANA):

ff02::1     all nodes
ff02::2     all routers
ff02::5     all OSPF (Open Shortest Path First) routers
ff02::6     all OSPF DRs (OSPF Designated Routers)
ff02::9     all RIP (Routing Information Protocol) routers
ff02::a     all EIGRP (Enhanced Interior Gateway Routing Protocol) routers
ff02::d     all PIM (Protocol Independent Multicast) routers
ff02::f     UPNP (Universal Plug and Play) devices
ff02::11    all homenet nodes
ff02::12    VRRP (Virtual Router Redundancy Protocol)
ff02::16    all MLDv2-capable routers
ff02::1a    all RPL (Routing Protocol for Low-Power and Lossy Networks) routers (used in Internet of Things (IoT) devices)
ff02::fb    multicast DNS IPv6
ff02::101   network time (NTP)
ff02::1:2   all DHCP agents
ff02::1:3   LLMNR (Link-Local Multicast Name Resolution)
ff02:0:0:0:0:1:ff00::/104   solicited node address
ff02:0:0:0:0:1-2:ff00::/104     node information query
ff05::1:3   all DHCP server (site)
ff05::101   all NTP server (site)

I will use tcpdump to look what’s going on on the network, so install it on the router. Then enable systemd-networkd by following

Section Quick Step at Use systemd-networkd for general networking, then come back here.

I will have everything disabled so we can see what is needed and enable it step by step. On host-a and host-b use this network file:

host-? ~$ sudo -Es   # if not already done
host-? ~# cat > /etc/systemd/network/04-wired.network <<EOF
(Match)
Name=eth0

(Network)
# on host-a uncomment
#Address=2001:db8:0:10::2/64
# on host-b uncomment
#Address=2001:db8:0:20::2/64
IPv6AcceptRA=no
LinkLocalAddressing=no
EOF

On the router use these ones:

router ~$ sudo -Es   # if not already done
router ~# cat > /etc/systemd/network/04-eth0.network <<EOF
(Match)
Name=eth0

(Network)
Address=2001:db8:0:10::1/64
IPv6AcceptRA=no
LinkLocalAddressing=no
EOF

router ~# cat > /etc/systemd/network/06-eth1.network <<EOF
(Match)
Name=eth1

(Network)
Address=2001:db8:0:20::1/64
IPv6AcceptRA=no
LinkLocalAddressing=no
EOF

Simple link-local connection

First I will have a look at the direct connection between host-a and the router. The router is UP and I start host-a. Tcpdump shows me on subnet 2001:db8:0:10/64:

host-a ~$ sudo tcpdump -n --number --interface=eth0 ip6 2>/dev/null
    1  23:25:28.211331 IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
    2  23:25:28.227326 IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 2 group record(s), length 48
    3  23:25:28.671386 IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
    4  23:25:28.735354 IP6 :: > ff02::1:ff00:2: ICMP6, neighbor solicitation, who has 2001:db8:0:10::2, length 32
  • With package 1-3 host-a joins as listener to the multicast group ff02::16 – all MLDv2-capable routers. Router know now that it want to receive routing messages.
  • With package 4 it asked if there is another node with ip address 2001:db8:0:10::2. It isn’t because there is no reply. host-a can use the address.

Ping to router works:

host-a ~$ ping6 -n 2001:db8:0:10::1
PING 2001:db8:0:10::1(2001:db8:0:10::1) 56 data bytes
64 bytes from 2001:db8:0:10::1: icmp_seq=1 ttl=64 time=0.829 ms
64 bytes from 2001:db8:0:10::1: icmp_seq=2 ttl=64 time=0.863 ms
64 bytes from 2001:db8:0:10::1: icmp_seq=3 ttl=64 time=0.858 ms
--- snip ---

Link-local unicast addresses

In the next step I want to connect to the second interface eth1 on router. For this we need a static route:

host-a ~$ sudo ip -6 route add 2001:db8:0:20::/64 via 2001:db8:0:10::1

But ping6 -nc3 2001:db8:0:20::1 does not work. I don’t get any replies. Curiously it works if I first ping the gateway 2001:db8:0:10:1:

host-a 12:32:26 ~$ ping6 -nc1 2001:db8:0:10::1
PING 2001:db8:0:10::1(2001:db8:0:10::1) 56 data bytes
64 bytes from 2001:db8:0:10::1: icmp_seq=1 ttl=64 time=1.37 ms

--- 2001:db8:0:10::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.373/1.373/1.373/0.000 ms

host-a 12:32:39 ~$ ping6 -nc3 2001:db8:0:20::1
PING 2001:db8:0:20::1(2001:db8:0:20::1) 56 data bytes
64 bytes from 2001:db8:0:20::1: icmp_seq=1 ttl=64 time=0.629 ms
64 bytes from 2001:db8:0:20::1: icmp_seq=2 ttl=64 time=0.744 ms
64 bytes from 2001:db8:0:20::1: icmp_seq=3 ttl=64 time=0.743 ms

--- 2001:db8:0:20::1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2008ms
rtt min/avg/max/mdev = 0.629/0.705/0.744/0.053 ms

host-a 12:33:01 ~$ ping6 -nc3 2001:db8:0:20::1
PING 2001:db8:0:20::1(2001:db8:0:20::1) 56 data bytes

--- 2001:db8:0:20::1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2027ms

host-a 12:33:28 ~$

Have a look at the timestamp on the prompt. I only get replies some seconds after pinging the gateway. I do not really understand it but it’s good to know about this behavior when looking for troubleshooting. Anyway, it’s out of specification because for connections on the link (2001:db8:0:10:2 to 2001:db8:0:10:1) there must be used link-local addresses as specified at RFC 4291 – Link-Local IPv6 Unicast Addresses:

Link-Local addresses are designed to be used for addressing on a single link for purposes such as automatic address configuration, neighbor discovery, or when no routers are present.

Check for a link-local address on the interface. There is no one:

host-a ~$ ip -6 -br addr
lo               UNKNOWN        ::1/128
eth0             UP             2001:db8:0:10::2/64

I enable it with setting LinkLocalAddressing=ipv6 in all /etc/systemd/network/*.network files on all nodes, reboot, check and ping:

host-a ~$ ip -6 -br addr
lo               UNKNOWN        ::1/128
eth0             UP             2001:db8:0:10::2/64 fe80::5054:ff:febc:adbe/64

router ~$ ip -6 -br addr
lo               UNKNOWN        ::1/128
eth0             UP             2001:db8:0:10::1/64 fe80::5054:ff:fe0f:194e/64
eth1             UP             2001:db8:0:20::1/64 fe80::5054:ff:fe0f:194e/64

host-b ~$ ip -6 -br addr
lo               UNKNOWN        ::1/128
eth0             UP             2001:db8:0:20::2/64 fe80::5054:ff:fe9b:34b9/64

host-a ~$ sudo ip -6 route add 2001:db8:0:20::/64 via 2001:db8:0:10::1
host-a ~$ ping6 -n 2001:db8:0:20::1
PING 2001:db8:0:20::1(2001:db8:0:20::1) 56 data bytes
64 bytes from 2001:db8:0:20::1: icmp_seq=9 ttl=64 time=2.08 ms
64 bytes from 2001:db8:0:20::1: icmp_seq=10 ttl=64 time=0.780 ms
64 bytes from 2001:db8:0:20::1: icmp_seq=11 ttl=64 time=0.783 ms
--- snip ---

Works.

Static Routing

If I try to connect from host-a to host-b then ping6 -n 2001:db8:0:20::2 fails. That is why the router does not forward packages between its interfaces. We have to enable it. Just append IPForward=ipv6 to a *.network file. We also need a static route on host-b so it knows where to send the replies to host-a. We will do it persistent now. So you will get following .network files:

host-a

host-a ~$ cat /etc/systemd/network/04-wired.network
(Match)
Name=eth0

(Network)
Address=2001:db8:0:10::2/64
IPv6AcceptRA=no
LinkLocalAddressing=ipv6

(Route)
Destination=2001:db8:0:20::/64
Gateway=2001:db8:0:10::1

router

router ~$ cat /etc/systemd/network/04-eth0.network
(Match)
Name=eth0

(Network)
Address=2001:0DB8:0:10::1/64
IPv6AcceptRA=no
LinkLocalAddressing=ipv6
IPForward=ipv6

router ~$ cat /etc/systemd/network/06-eth1.network
(Match)
Name=eth1

(Network)
Address=2001:0DB8:0:20::1/64
IPv6AcceptRA=no
LinkLocalAddressing=ipv6

host-b

host-b ~$ cat /etc/systemd/network/04-wired.network
(Match)
Name=eth0

(Network)
Address=2001:db8:0:20::2/64
IPv6AcceptRA=no
LinkLocalAddressing=ipv6

(Route)
Destination=2001:db8:0:10::/64
Gateway=2001:db8:0:20::1

That’s it.
(Will be continued with Router Advertisement)

bitcoind – Force Inbound Connections to IPV6 only

Is it possible to restrict all connections to an IPV6 address?

I’ve set

onlynet=ipv6
bind=::

But it seems that nodes are still attempting to connect to an IPV4 address (in addition to the IPV6 address). Is there any way to prevent this? I am seeing discover and addlocal both being set to the IPV6 address on startup.

Thanks!

How do I make my website available via IPV6 under an AWS load balancer?

What do I need to do to make my website available under IPV6? My site is running on Amazon Web Services (AWS) behind a load balancer. I just saw that Amazon has announced support elastic load balancers via IPV6.

What settings do I need to enable at Amazon? What DNS changes do I need to make? How can I test my site to ensure it is working?