[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: multihomed server with ipv6

> On 13 dec. 2014, at 21:25, Martinx - ジェームズ <thiagocmartinsc@gmail.com> wrote:
> 
> On 12 December 2014 at 12:07,  <lists@onemanifest.net> wrote:
>> 
>> I’m trying to setup a multi-homed server with dual stack networking.
>> 
>> I’ve setup static adressing for both NICs for ipv4 and ipv6 like this:
>> 
>>  # The primary LAN network interface
>>  allow-hotplug eth0
>>  iface eth0 inet static
>>    address 192.168.1.xx
>>    netmask 255.255.255.0
>>    network 192.168.1.0
>>    broadcast 192.168.1.255
>>    gateway 192.168.1.1
>>    # dns-* options are implemented by the resolvconf package, if installed
>>    dns-nameservers 192.168.1.1
>>    dns-search somedomain.tld
>> 
>>  iface eth0 inet6 static
>>    address 2001:xxxx:xxxx:3::20
>>    netmask 64
>>    gateway 2001:xxxx:xxxx:3::1
>>    dns-nameservers 2001:xxxx:xxxx:3::1
>>    dns-search somedomain.tld
>> 
>> 
>>  # The secondary DMZ network interface
>>  allow-hotplug eth1
>>  iface eth1 inet static
>>    address 192.168.0.xx
>>    netmask 255.255.255.0
>>    network 192.168.0.0
>>    broadcast 192.168.0.255
>>    gateway 192.168.0.1
>>    # dns-* options are implemented by the resolvconf package, if installed
>>    dns-nameservers 192.168.0.1
>>    dns-search somedomain.tld
>> 
>>  iface eth1 inet6 static
>>    address 2001:xxxx:xxxx:2::20
>>    netmask 64
>>    gateway 2001:xxxx:xxxx:2::1
>>    dns-nameservers 2001:xxxx:xxxx:2::1
>>    dns-search somedomain.tld
>> 
>> The NICs are configured fine, but only _one_ ipv6 gets assigned. After a reboot either
>> eth0 or eth1 gets it’s ipv6 assigned, never both. I can add the missing ip manually with
>> 
>>  ip -6 addr add 2001:xxxx:xxxx:2::20/64 dev eth1
>> 
>> But I can’t get it to be assigned automatically. What am I doing wrong here? I’ve been googling for multi homed servers, but can’t find anything on this issue.
>> 
>> Also, I noticed that if I ping6 a host is subnet A from a NIC in subnet B, the servers ip6 in subnet A is used as source ip, even if an ipv6 in subnet B is available on that NIC. Does this mean that the return traffic is routed over subnet A in stead of B? This is not desirable since I’d like the traffic between both subnets to be fire-walled by the router.
>> 
>> 
>> Thanks
> 
> Hi!
> 
> You need to read this:
> http://lartc.org/howto/lartc.rpdb.multiple-links.html    ;-)
> 
> Also, AFAIK, `ifupdown` doesn't handle multi-gateways, with load
> balance and etc, so, you'll need to configure it using "up ip ...",
> or, via /etc/rc.local (i.e., don't use "gateway" entry on
> /etc/network/interfaces on this case).
> 
> I have a similar setup working here (multi-wan), I can share the
> confs if you want.
> 
> Best!
> Thiago

Thanks, that article is very informative. As Pascal Hambourg also mentioned, it’s a little silly to add two default routes :-) 

Your link shows clearly how to handle both interfaces simultaniously with routes. The thing is, in my case there will not be any load balancing since the machine will run openvz containers that will be either using eth0 or eth1 (the server will be sort of split in two, running internet and LAN facing containers, both groups isolated from one another). So, I’ll be in fact connecting 4 networks; two virtual ones (one for each group of containers, venet0 and venet1) and the two NICs. Each virtual network will have to be routed to a single NIC… then mix in some iptables. 

I’ll just have to dive into this and report back when I’m stuck…

Thanks so far.
Reply to: