[systemd-devel] systemd-nspawn and IPv6

Lennart Poettering lennart at poettering.net
Mon Apr 27 07:01:54 PDT 2015


On Sun, 26.04.15 16:50, Kai Krakow (hurikhan77 at gmail.com) wrote:

> Hello!
> 
> I've successfully created a Gentoo container on top of a Gentoo host. I can 
> start the container with machinectl. I can also login using SSH. So mission 
> almost accomplished (it should become a template for easy vserver cloning).
> 
> But from within the IPv6-capable container I cannot access the IPv6 outside 
> world. Name resolution via IPv6 fails, as does pinging to IPv6. It looks 
> like systemd-nspawn does only set up IPv4 routes to access outside my gateway 
> boundary. IPv6 does not work.

Well, networkd on the host automatically sets up IPv4 masquerading for
each container. We simply don't do anything equivalent for IPv6
currently.

Ideally we wouldn't have to do NAT for IPv6 to make this work, and
instead would pass on some IPv6 subnet we acquired from uplink without
NAT to each container, but we currently don't have infrastructure for
that in networkd, and I am not even sure how this could really work,
my ipv6-fu is a bit too limited...

Or maybe we should do IPv6 NAT after all, under the logic that
containers are just an implementation detail of the local host rather
than something to be made visible to the outside world. However, code
for this doesn't exist either.

Or in other words: IPv6 setup needs some manual networking setup on
the host.

Lennart

-- 
Lennart Poettering, Red Hat
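
The following is an added example, not part of the original mail and not systemd code: one way to do the manual host setup by hand using the IPv6 NAT variant discussed above. It assumes the container runs with --network-veth (host end ve-<machine>, container end host0); the machine name, uplink name and ULA prefix are constructed sample values.

```sh
#!/bin/sh
# Added example, not from the original mail. Assumptions: the container runs
# with --network-veth (host end ve-<machine>, container end host0) and the
# ULA prefix used at the bottom is a constructed sample value.

# Emit the host-side commands for NAT66, the IPv6 analogue of the IPv4
# masquerading networkd already does. The FORWARD rules admit container-
# originated flows and their replies only (relevant when the policy is DROP).
nat66_host_plan() {
    machine=$1; uplink=$2; base=$3    # base: ULA /64 ending in "::"
    case $base in
        fd*::) ;;                     # locally assigned ULA space only
        *) echo "error: '$base' is not a ULA /64 base" >&2; return 1 ;;
    esac
    for name in "$machine" "$uplink"; do
        case $name in
            ''|*[!A-Za-z0-9_-]*) echo "error: bad name '$name'" >&2; return 1 ;;
        esac
    done
    # accept_ra=2: keep honouring router advertisements on the uplink, which
    # the kernel otherwise stops doing once forwarding is enabled.
    cat <<EOF
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv6.conf.${uplink}.accept_ra=2
ip -6 addr add ${base}1/64 dev ve-${machine}
ip6tables -t nat -A POSTROUTING -s ${base}/64 -o ${uplink} -j MASQUERADE
ip6tables -A FORWARD -i ve-${machine} -o ${uplink} -j ACCEPT
ip6tables -A FORWARD -i ${uplink} -o ve-${machine} -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Emit the commands to run inside the container.
nat66_container_plan() {
    base=$1
    cat <<EOF
ip -6 addr add ${base}2/64 dev host0
ip -6 route add default via ${base}1 dev host0
EOF
}

# Print each command; execute it only when APPLY=1 (needs root).
run_plan() {
    while IFS= read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then sh -c "$cmd"; else echo "would run: $cmd"; fi
    done
}

nat66_host_plan web eth0 fd7a:1b2c:3d4e:1:: | run_plan
nat66_container_plan fd7a:1b2c:3d4e:1:: | run_plan
```

Run as-is it only prints the plan; the container-side commands have to be executed inside the container's network namespace.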

