o/

Hi there! I am running a Triton CoaL VM in a hypervisor in Windows and have been trying to get a global IPv6-address and routing enabled in a zone, but it has not worked out so far. The VM gets the local fe80-address which has been configured in het json file I used to setup the machine and sometimes the global prefix after starting usr/lib/inet/in.ndpd but that's all.

I have assigned a static IPv6-address to the SmartOS global zone and added the global IPv6-address of the uplink router to "route -p" and my pings to ipv6.google.com in gobal zone get answered. But if I try to ping this IPv6-address(2a02:), I get "Destination host unreachable", which is odd

I however get ping replies if I try to ping the fe80 IPv6-addresses of both global and the vm.

Any idea about what I might be doing wrong?

vmadm update <uuid> allowed_ips=<IPv6-address> only changes the linklocal fe80 address to the prefix. Setting up a static IPv6-address in the vm(zlogin) is not allowed because "from-gz"

Is your IPv6 address literally just 2a02:: ?

THat seems... light.

danmcd: No, it consist of a prefix(2a02:xxxx:yyyy:1) and the device address(wwww:xxxx:yyyy:zzzz).

Ahh.

SOrry.

What does "route get -inet6 <DEST>" say?

This is in global zone by the way

TheTim0Nat0r: I use IPv6 in zones all the time. I can help you out in about an hour when I'm free.

bahamat: Really? I am curious how you managed to get it up and running. Been trying with both zones and kvm for some days now without luck.

Yes, really. I'm using it right now. And, like I said, I'll help you out in an hour :-)

Great :)

dynamic ipv6 without allowing ip spoofing doesn't work :(

nbjoerg: I have allowed ip spoofing in the json config which i used to create the vm, did not help either unfortunately

who is handling the ipv6 uplink in your case, the gz?

nbjoerg: Dont know if gz really handles the uplink. I enable ipv6 on external0 after boot of the system(ifconfig external0 inet6 plumb up), restart ndp to get the prefix with addrconf, assign a static address to the gz(ipadm create-addr -T static -a <ipv6-address> external0) and add a route (route -p add -inet6 default <ipv6-address)

If you can reach ipv6.google.com you can reach other IPv6 which means traceroute(8) SHOULD work.

traceroute -A inet6 <DEST>

(Note: Leaving for 20mins for an appt.)

danmcd: i.gyazo.com/836ebcb9dcca9cb6ca2d8e3a687c8eae.png

I forgot to ask, what does "route get -inet6 <YOUR-DEST>" say?

I'm curious if there's a prefix mismatch or something. ALSO is ndp running?

`pgrep in.ndpd` and/or `svcs -xv ndp`

I have to leave now, so sorry for any delay. I saw bahamat may have some cycles to help up top so he might be able to pickup. Sorry for any latency, and I can't promise anything from other people either.

danmcd: route get -inet6 <YOUR-DEST> => i.gyazo.com/116e88a4f8843d1fec4f894407225aa9.png

danmcd: svcs -vx ndp => i.gyazo.com/6d634ab3ff5bde7daab5e7b01dfea9aa.png

danmcd: No problem, I'll make sure to keep the irc client online to be able to read any answers or questions regarding the issue :)

TheTim0Nat0r -> log.omnios.org

TheTim0Nat0r: If you have router advertisements on your network you shouldn't need to add a static default route.

I'm trying to install smartos but fails on fdisk pastebin.com/9qeLnGcM how do I fix this ?, I'm installing in a cloud provider so I need the pool to be booteable

I mean it asks to use fdisk to fix the problem, but I don't know what the problem is

neirac: When you're in the installer you can hit ctrl-C to drop to a shell.

Then you can use fdisk to try to figure out what's going on.

Usually this means there's something else on the disk and just deleting everything with fdisk should be sufficient to start over and try again.

Bahamat thanks, I'll try that

bahamat: I get a prefix assigned in global zone, but that's all. I am not able to ping6 without configuring a static IP and route myself.

neirac: In any case, you're still booted tot he full PI there, so you should be able to do whatever investigation you need to figure out what's going wrong.

TheTim0Nat0r: Are you in control of the router?

bahamat: Yes.

Can you ping the fe80 address if the router?

bahamat: Address Unreachable

Check ndp -an

It's not there

so that's your first problem.

Can you trace packets on your router?

I think I have been looking at the wrong fe80. I have been looking for the fe80 which shows up in Win10, which is the host PC. I ran this script setting up some different network adapters in Windows, which VMWare uses for the NIC with tag "external0".

the fe80 of the VM8 adapter shows up with "ndp -an"

Yeah, that would explain a lot.

So the correct way to configure IPv6 for the global zone is to put <tag>_ip6=<addrconf|address> in /usbkey/config

e.g.,: admin_ip6=addrconf or external_ip6=2001:db8::37

Since this is a Triton headnode, that also needs to be in /mnt/usbkey/config

So do that first, then reboot and see if it just works.

When the install script fails how do I go back to the installing or do I need to reboot ?

Okay, it is rebooting.

neirac: If you've dropped to a shell you can just exit to get back to the installer. If the installer failed in some way it's best to reboot to start fresh.

Bahamat I use dd to copy the iso to the disk, I assume when it boots is all in ram then I could write the disk again, but seems the installer don't like how the disk looks like

Yeah, I don't think that's going to work out as well as you think it will...

Are you able to chain load ipxe with that provider?

It just finished boot, and it now shows the prefix in ifconfig without me having to plumb up :)

bahamat: i.gyazo.com/e333185f012d14970468909d45a2595d.png

Bahamat let me check is oracle cloud

TheTim0Nat0r: And can you ping ipv6.google.com now?

neirac: If you can, chain load netboot.smartos.org/smartos.ipxe

bahamat: Yes

There you go.

Bahamat thanks!

bahamat: If I setup a new zone/VM with a json file like "vmadm create -f file.json", will it inherit those IPv6 settings from global zone automatically?

No

You need explicit configuration for the vm.

Okay, so in that case I will need to add both a fe80- and a 2a02-address tot the "nics".ällowed_ips" property in the json file to make it work?

No

Just add addrconf to the ips array

Does IPv6-support depend on the image I use? I keep getting an fe80 in the vm after logging in with zlogin and checking ifconfig

Show me your nics from the json

Do you have the ndp service enabled in that zone?

Yes

Result after reboot of headnode and vm: i.gyazo.com/53e7c96eae439f2c7f9c1a53e220f6e3.png

Seems like it works. :)

ifconfig does not show the external IPv6 address of the vm, is there another way to determine it?

Where are you running ifconfig?

Each zone has its own netstack (TCP/IP instance) so ifconfig in global will NOT show you things that ifconfig in zone will (and vice versa).

bahamat: In the non-global zone

danmcd: I know, but ifconfig in both global and non-global zone only show the prefix if i run ifconfig

ipadm only shows a local fe80

Screenshot: i.gyazo.com/7cd84d2bdbe1513b0e311cee95350004.png

multiarch 15.4.1 is quite old though

"quite" ;)

Downloaded another image(base-64 21.4.1), but it does not show anything at all if I run ifconfig

Seems like I need to enable ndp each first run after creation. Now I also get the prefix here, I can run "ping -A inet6 ipv6.google.com" and it's alive :)

That tracks.

TheTim0Nat0r: Yes, you need to enable ndp manually once.