How do I attach the IP address inside the container?

(Tolgahan) #1


I’ve managed to connect my IPv6 /64 subnet to my LXD setup and now every time I create a container, it gets an IPv6 address from the /64 subnet of my server and I route it so the container becomes available to connect from outside, like ssh.

However, when I try to ping the outside like curl -6, inside of my container, it still displays the host server’s IP address.

Is there way to work this around?


ip6tables checked?
For me it sounds like active SNAT for the bridge

(Tolgahan) #3

I’m not sure, can you help me with that?


Inspect the POSTROUTING chain in ip6tables on the host. In case IPv6 NAT is enabled you should see a MASQUERADE line.

# sudo ip6tables -v -n -t nat -L POSTROUTING
Chain POSTROUTING (policy ACCEPT 23560 packets, 5043K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 MASQUERADE  all      *      *       xxxx::/64 !xxxx::/64  /* generated for LXD network yyyy */

There is a setting for enabling/disabling IPv6 NAT in the LXD network settings, ipv6.nat:

The network can be edited this way:
# lxc network edit <name>