IPv6 Routing / Subnetting

Question

Recently I have installed Citrix Xen Server 6.2 on a machine. My Provider (Hetzner) gave me the IPv6 Subnet 2a01:4f8:200:xxxx::/64.

Followed an article in the providers wiki (1) i got it working and can assign IPs to my guests (CentOS). However i can't assign a second IP to a single guest - it will result in a timeout. I'm not very familiar with IPv6 routing / subnetting - any help or tips for further troubleshooting is welcome!

My Setup:

XenServer 6.2
IPv6: 2a01:4f8:200:xxxx::2/112
ip -6 route:

    2a01:4f8:200:xxxx::/112 dev xenbr0  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 0
    fe80::1 dev xenbr0  metric 1024  mtu 1500 advmss 1440 hoplimit 0
    default via fe80::1 dev xenbr0  metric 1024  mtu 1500 advmss 1440 hoplimit 0

Guest 1
IPv6: 2a01:4f8:200:xxxx::3/64
IPv6: 2a01:4f8:200:xxxx::4/64
ip -6 route: 
    2a01:4f8:200:xxxx::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
    fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
    default via fe80::1 dev eth0  metric 1  mtu 1500 advmss 1440 hoplimit 4294967295


Guest 2
IPv6: 2a01:4f8:200:xxxx::5/64

Guest 1 IPv6 is working fine, Guest 2 too.

As suggested by the wiki article (1) i split my /64 network into a /112. Is it right to set the host /112 and the guests /64? Why is that?

Nothing about Hetzner's network is right. You will almost certainly need their help to resolve this, and they almost certainly will refuse to help you. — Michael Hampton, Oct 21 '13 at 16:52
Thank you - but can you tell me if I did everything right or confirm that this is a hetzner problem? As I can use the first IPv6 on each guest I thought it is a routing problem caused by the XenSevrer — nappo, Oct 25 '13 at 07:22

score 0 · Answer 1 · answered Aug 06 '14 at 13:49

0

There is no such thing as subnetting in IPv6, every subnet is /64. Do not attempt to subnet a /64, IPv6-mechanisms like SLAAC will wreck your scheme.

From your description I understand that you have to bridge the guest interfaces to the host interface, so they are in the same subnet as the host. If, however, the host is a router for the guests, then you're stuck.

Finally, you should complain loudly, providers are supposed to deal out /48 prefixes to their customers (although many deal out /56 which will do for most end sites).

answered Aug 06 '14 at 13:49

countermode

375
1
4
14

In the past their official documentation said you could get a a /64 link prefix and a routed prefix: https://web.archive.org/web/20120825102214/http://wiki.hetzner.de/index.php/IP-Adressen/en They did not specify a length for the routed prefix, and it is unclear to me if they ever fulfilled a request for a routed prefix. They are no longer advertising availability of routed prefixes. – kasperd Aug 06 '14 at 14:03
Hmmm. I am connected through HE, they gave me a /64-prefix for my router (external interface) and a /48-prefix for my own internal networking. That's the way it should be. Just a /64-Prefix is not very useful for end sites. – countermode Aug 06 '14 at 14:07
HE is not the only provider handing out more IPv6 addresses to users of a free tunnel service, than what Hetzner is handing out to their paying customers. Moreover it is stupid to not just give each customer a routed prefix, because any customer using a workaround for lack of routed prefix is going to cause additional load on the provider's router. I doubt any company in the world has enough customers to run out of IPv6 addresses by handing out a `/60` to each customer, given that that the company would have received a `/32` from the RIR. – kasperd Aug 06 '14 at 14:14

IPv6 Routing / Subnetting

1 Answers1