How do I attach the IP address inside the container?


(Tolgahan) #1

Hello,

I’ve managed to connect my IPv6 /64 subnet to my LXD setup and now every time I create a container, it gets an IPv6 address from the /64 subnet of my server and I route it so the container becomes available to connect from outside, like ssh.

However, when I try to ping the outside like curl -6 icanhazip.com, inside of my container, it still displays the host server’s IP address.

Is there way to work this around?


#2

ip6tables checked?
For me it sounds like active SNAT for the bridge


(Tolgahan) #3

I’m not sure, can you help me with that?


#4

Inspect the POSTROUTING chain in ip6tables on the host. In case IPv6 NAT is enabled you should see a MASQUERADE line.

# sudo ip6tables -v -n -t nat -L POSTROUTING
Chain POSTROUTING (policy ACCEPT 23560 packets, 5043K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 MASQUERADE  all      *      *       xxxx::/64 !xxxx::/64  /* generated for LXD network yyyy */

There is a setting for enabling/disabling IPv6 NAT in the LXD network settings, ipv6.nat:
https://lxd.readthedocs.io/en/latest/networks/

The network can be edited this way:
# lxc network edit <name>