--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: linux-image-2.6.26-2-vserver-686: Weird IPv6 routing in vserver guests
- From: Pierre Tourbeaux <contact@si7v.fr>
- Date: Wed, 27 May 2009 18:00:26 +0200
- Message-id: <20090527160026.28285.4623.reportbug@sd-13824.dedibox.fr>
Package: linux-image-2.6.26-2-vserver-686
Version: 2.6.26-15lenny2
Severity: important
I have a strange problem of IPv6 routing inside my vserver guests.
So, here is the network setup of the host :
eth0 has an IPv4 public address, it's my only NIC.
sixxs has an IPv6 address, it's a IPv6-in-IPv4 tunnel to sixxs.net. It has the address : 2001:6f8:202:291::2/64
dummy0 has an IPv4 address : 192.168.0.250/24 and an IPv6 address : 2001:6f8:33c::1/64 which is a part of my /48 subnet. This subnet is routed to 2001:6f8:202:291::2. To do this, I've set :
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
in sysctl.conf
The network setup of one of my guests :
dummy0 : 192.168.0.1/24
2001:6f8:33c::3/64
root@nagios:~# ip -6 route show
2001:6f8:202:291::/64 via :: dev if19 metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
2001:6f8:33c::/64 dev dummy0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev if2 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev dummy0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev if7 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev if19 metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
default via 2001:6f8:202:291::1 dev if19 metric 1024 mtu 1280 advmss 1220 hoplimit 4294967295
So, the services hosted on this guest are reachable from IPv6 hosts, this is OK.
But, when I initiate a connection from the guest to an external host in IPv6, the source IP is 2001:6f8:202:291::2 and not 2001:6f8:33c::3. This is like NAT in IPv6, something goes wrong...
I had a full working setup before upgrading in Lenny. I was on Etch with util-vserver from backports.org (0.30.216~r2772-6~bpo40+1) and the following kernel : http://files.si7v.fr/kernel/2.6.22.19-vserver-ipv6/ to have Vserver IPv6 support.
Feel free to change my bug report if it concerns the package util-vserver. I don't know if it's kernel related.
Best regards,
Pierre Tourbeaux
-- Package-specific info:
** Version:
Linux version 2.6.26-2-vserver-686 (Debian 2.6.26-15lenny2) (dannf@debian.org) (gcc version 4.1.3 20080704 (prerelease) (Debian 4.1.2-25)) #1 SMP Mon May 11 20:55:52 UTC 2009
** Command line:
root=/dev/md1 ro
** Not tainted
** Loaded modules:
Module Size Used by
ip6t_rt 2496 3
ip6table_filter 2432 1
ip6_tables 11376 2 ip6t_rt,ip6table_filter
sha1_generic 2304 4
drbd 179852 12
cn 6784 1 drbd
sit 8932 0
tunnel4 3016 1 sit
tun 8420 14
dummy 2464 0
ipt_MASQUERADE 2592 10
iptable_nat 4680 1
nf_nat 15544 2 ipt_MASQUERADE,iptable_nat
ipt_REJECT 2784 1
xt_limit 2180 9
nf_conntrack_ipv4 12268 7 iptable_nat,nf_nat
xt_state 2016 4
nf_conntrack 55540 5 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state
xt_tcpudp 2816 98
iptable_filter 2624 1
ip_tables 10160 2 iptable_nat,iptable_filter
x_tables 13284 9 ip6t_rt,ip6_tables,ipt_MASQUERADE,iptable_nat,ipt_REJECT,xt_limit,xt_state,xt_tcpudp,ip_tables
dm_snapshot 14340 0
dm_mirror 15104 0
dm_log 8484 1 dm_mirror
dm_mod 46600 3 dm_snapshot,dm_mirror,dm_log
iTCO_vendor_support 3556 0
coretemp 5504 0
w83627hf 20984 0
hwmon_vid 2720 1 w83627hf
loop 12908 0
evdev 8000 0
serio_raw 4740 0
psmouse 32336 0
snd_pcsp 8576 0
i2c_i801 7920 0
snd_pcm 62596 1 snd_pcsp
i2c_core 19828 1 i2c_i801
snd_timer 17800 1 snd_pcm
snd 45604 3 snd_pcsp,snd_pcm,snd_timer
soundcore 6368 1 snd
snd_page_alloc 7816 1 snd_pcm
button 6096 0
iTCO_wdt 9508 1
intel_agp 22556 1
rng_core 3940 0
agpgart 28776 1 intel_agp
ext3 108232 3
jbd 39444 1 ext3
mbcache 7108 1 ext3
raid1 18016 8
md_mod 67036 9 raid1
sd_mod 22200 18
ata_generic 4676 0
ide_pci_generic 3908 0 [permanent]
ahci 23596 16
libata 140416 2 ata_generic,ahci
scsi_mod 129324 2 sd_mod,libata
dock 8304 1 libata
piix 6568 0 [permanent]
ide_core 96136 2 ide_pci_generic,piix
r8169 23684 0
thermal 15228 0
processor 32544 2 thermal
fan 4164 0
thermal_sys 10856 3 thermal,processor,fan
-- System Information:
Debian Release: 5.0.1
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-vserver-686 (SMP w/2 CPU cores)
Locale: LANG=fr_FR@euro, LC_CTYPE=fr_FR@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
Versions of packages linux-image-2.6.26-2-vserver-686 depends on:
ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy
ii initramfs-tools [linux-initra 0.92o tools for generating an initramfs
ii module-init-tools 3.4-1 tools for managing Linux kernel mo
Versions of packages linux-image-2.6.26-2-vserver-686 recommends:
ii libc6-i686 2.7-18 GNU C Library: Shared libraries [i
Versions of packages linux-image-2.6.26-2-vserver-686 suggests:
ii grub 0.97-47lenny2 GRand Unified Bootloader (Legacy v
pn linux-doc-2.6.26 <none> (no description available)
-- debconf information:
shared/kernel-image/really-run-bootloader: true
linux-image-2.6.26-2-vserver-686/postinst/depmod-error-initrd-2.6.26-2-vserver-686: false
linux-image-2.6.26-2-vserver-686/preinst/abort-install-2.6.26-2-vserver-686:
linux-image-2.6.26-2-vserver-686/preinst/lilo-initrd-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/postinst/bootloader-test-error-2.6.26-2-vserver-686:
linux-image-2.6.26-2-vserver-686/prerm/would-invalidate-boot-loader-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/postinst/old-initrd-link-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/preinst/failed-to-move-modules-2.6.26-2-vserver-686:
linux-image-2.6.26-2-vserver-686/postinst/bootloader-error-2.6.26-2-vserver-686:
linux-image-2.6.26-2-vserver-686/postinst/create-kimage-link-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/preinst/overwriting-modules-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/preinst/lilo-has-ramdisk:
linux-image-2.6.26-2-vserver-686/preinst/bootloader-initrd-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/postinst/old-system-map-link-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/preinst/elilo-initrd-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/postinst/old-dir-initrd-link-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/preinst/initrd-2.6.26-2-vserver-686:
linux-image-2.6.26-2-vserver-686/preinst/abort-overwrite-2.6.26-2-vserver-686:
linux-image-2.6.26-2-vserver-686/postinst/depmod-error-2.6.26-2-vserver-686: false
linux-image-2.6.26-2-vserver-686/prerm/removing-running-kernel-2.6.26-2-vserver-686: true
linux-image-2.6.26-2-vserver-686/postinst/kimage-is-a-directory:
--- End Message ---