Introducing DigitalOcean Functions: A powerful, serverless compute solution

Related

Regarding pre-pay options
Question
Reseller Plan for hosting plans
Question

Question

Route IPv6 through DigitalOcean VPN Server

  • Posted May 1, 2015
  • VPN

I set up a Server, which will I use mostly as “US” gateway ;)

On Server Side, I have two interfaces. eth0 & tap_soft. eth0 has the given IPv6 address 2604:[…]:8001. I set manual to tap_soft the address: 2604:[…]:8002.

I also set manual the client-IP to 2604:[…]:8003.

The VPN is Layer2 based and I can ping 2604:[…]:8002 from my client, but ether 2604:[…]:8001 or any public ipv6 addresslike google (tried 8001 and 8002 as gateway) I have enabled “net.ipv6.conf.all.forwarding=1” in sysctl.conf. I think the problem is the “step” from the tap-device to eth0. For IPv4 I use iptables and SNAT. But I don’t want to nat ipv6, if I have enough addresses. (and yes, 16 addresses are enough for me^^)

Any Ideas or even better: solutions? Thanks

Subscribe
Share
martinb738fb511March 11, 2016

Sounds familiar. I think the problem is that your VPN segment is not bridged with eth0 for NDP to work (which is good and I do not recommend to do such bridging). To overcome that you have to configure NDP proxy for all IPv6 addresses that are used in the VPN segment:

ip -6 neigh add proxy 2a03:b0c0:2::xxxx dev eth0

with xxxx going from 8002 to 800f, 14 commands total. Update the prefix to suit your assignment.

tehdarthererNovember 29, 2015

+1 got the same problem. Any solutions yet? Maybe one has to set a route?

mralexgrayOctober 8, 2015

+1 desperate to figure this out, too! i can’t even seem to ping my tap (8002) interface from outside. it is definitely an issue “bridging” the ipv6 traffic that only seems to want to hit eth0!

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Ryan QuinnJune 9, 2016

This question was answered by @martinb738fb511:

Sounds familiar. I think the problem is that your VPN segment is not bridged with eth0 for NDP to work (which is good and I do not recommend to do such bridging). To overcome that you have to configure NDP proxy for all IPv6 addresses that are used in the VPN segment:

ip -6 neigh add proxy 2a03:b0c0:2::xxxx dev eth0

with xxxx going from 8002 to 800f, 14 commands total. Update the prefix to suit your assignment.

View the original comment

1-Click Deploy: OpenVPN Access ServerMarketplace

Want to build faster and smarter?

  • Visit Marketplace to quickly deploy 1-Click apps
  • Save time with preconfigured environments that have all the prerequisites installed
  • Get access to the most efficient tools to build your business

Related

Regarding pre-pay options
Question
Reseller Plan for hosting plans
Question
1-Click Deploy: OpenVPN Access ServerMarketplace

Want to build faster and smarter?

  • Visit Marketplace to quickly deploy 1-Click apps
  • Save time with preconfigured environments that have all the prerequisites installed
  • Get access to the most efficient tools to build your business