Join Log in
Score:0
avatar Server

How to configure DHCPv6 in Proxmox without bridge?

tr flag
Paul Stelian

(crosspost: Network stack exchange)

I have a setup with Proxmox connected via WiFi. Everything works for my needs and IPv4 connectivity too.

Now, I want to see if it is possible to do some DHCPv6 setup so that my virtual machines have IPv6 addresses as well. I'd prefer a setup without NAT, but it's not mandatory that it is so.

I'm taking a few options into consideration for IPv6 connectivity:

  • NDP Proxy. This one feels like it's the most "transparent", and I will get a public IPv6 address from the same network as the host, which is the main abcd:abcd:abcd:FFFF::/64 network.
  • DHCPv6 network. My router has DHCPv6, I can probably make my Proxmox instance request a network to use for its internal bridge (using prefix delegation). I'm currently using dnsmasq for the IPv4 addresses of virtual machines, but I believe I can replace it with something else.
  • NAT. I don't want this option, but I also won't decline it completely either. The reason why I cannot just connect the Proxmox bridge in bridge mode to my LAN (which would have made things significantly easier) is the fact that I cannot bring in a wired connection, so I have to use WiFi (thankfully at least it's 5 GHz and there's no need for much traffic most of the time) and WiFi client doesn't support bridges.

So here is my request for advice. Thank you in advance.

EDIT: Came to prefix delegation as my choice. Haven't managed to get it completely done. Now for the issues:

  • I get the IPv6 prefix delegated, the Proxmox server is getting a /62
  • On the server I have radvd enabled, it is properly advertising to the internal LAN of the VMs
  • The VM, a Ubuntu 20.04 with NetworkManager, is getting router advertisements and even autoconfiguring the default route. However, it doesn't autoconfigure the IPv6 address, which leads to unexpected issue of "Destination unreachable: Beyond scope of source address" when trying to ping an IPv6 address. If I manually do "ip a a dev ens18 2001:db8:facb:9876::23:2918/62" it works (the routes are 2001:db8:facb:9874::/62 plus the default route).

radvdump output:

{
    AdvSendAdvert on;
    # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
    AdvManagedFlag off;
    AdvOtherConfigFlag off;
    AdvReachableTime 0;
    AdvRetransTimer 0;
    AdvCurHopLimit 64;
    AdvDefaultLifetime 300;
    AdvHomeAgentFlag off;
    AdvDefaultPreference medium;
    AdvSourceLLAddress on;

    prefix fde1:d59a:7fa7:8::/62
    {
        AdvValidLifetime 86400;
        AdvPreferredLifetime 14400;
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr on;
    }; # End of prefix definition


    prefix 2001:db8:facb:9874::/62
    {
        AdvValidLifetime 86400;
        AdvPreferredLifetime 14400;
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr on;
    }; # End of prefix definition


    prefix fde1:d59a:7fa7:8::/62
    {
        AdvValidLifetime 86400;
        AdvPreferredLifetime 14400;
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr on;
    }; # End of prefix definition


    prefix 2001:db8:facb:9874::/62
    {
        AdvValidLifetime 86400;
        AdvPreferredLifetime 14400;
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr on;
    }; # End of prefix definition


    route ::/0
    {
        AdvRoutePreference medium;
        AdvRouteLifetime 300;
    }; # End of route definition

}; # End of interface definition

RADVD configuration:

interface vmbr0 {
  AdvSendAdvert on;
  MinRtrAdvInterval 30;
  MaxRtrAdvInterval 100;
  AdvSourceLLAddress on;
  prefix ::/64 {
    AdvOnLink on;
    AdvAutonomous on;
    AdvRouterAddr on;
    Base6Interface vmbr0;
  };
  route ::/0 {
  };
};

(vmbr0 has its IPv6 address correctly configured)

352
0 + 0
ndp
in flag
NiKiZe
If you can control you outer router then routing a /64 prefix to your proxmox side is probably best, otherwise did you try it or any of your other alternatives? (Seems like you already have the answers and no real question?)
0
Reply
tr flag
Paul Stelian
@NiKiZe The problem is that the prefix received by the router isn't static -- it changes every time I redo the PPPoE connection to my ISP. My question is twofold: Which of these options is best, and how do I do it.
0
Reply
tr flag
Paul Stelian
@NiKiZe I have tried to do prefix delegation, it doesn't seem to work (I'm not receiving a prefix from my main router). Support for prefix delegation is enabled in the router itself, so maybe the ISP isn't giving it correctly or something? I haven't managed to get NDP proxy to work but maybe I'm just doing something wrong there, and I again don't want to do NAT unless there's no alternative.
0
Reply
tr flag
Paul Stelian
@NiKiZe Managed to do prefix delegation, but not completely. Routing works, but address autoconfiguration doesn't on Ubuntu 20.04 guest. I wonder if it's the guest at fault or if there's some genuine configuration issue.
0
Reply
Score:1
avatar Server
tr flag
Paul Stelian

Turns out I was doing some things a bit overcomplicated, now I have managed to answer the question for myself.

First off, let me link to the external resource which was the most helpful for this purpose: a SuperUser answer.

My configuration mirrors the one in that article:

  • Router: Enable prefix delegation. Probably nothing was needed to be done to change from default, but just in case.
  • Install package "wide-dhcpv6-client". Configure it accordingly to request prefix delegation and do it accordingly for each interface.
  • Adjust dnsmasq to give out IPv6 addresses -- this allows both router advertisements and DHCP to work correctly.
  • Reboot (for some reason ifup/ifdown didn't adjust correctly otherwise).

dhcp6c.conf fragment:

interface wlp2s0 {
        send rapid-commit;
        send ia-na 0;
        send ia-pd 0;
};

id-assoc na 0 {
};

id-assoc pd 0 {
        prefix ::/60 infinity;
        prefix-interface vmbr0 {
                sla-len 4;
                sla-id 0;
                ifid 1;
        };
};

dnsmasq.conf fragment:

enable-ra
dhcp-range=::1,constructor:vmbr0,ra-stateless,ra-names,4h
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.