Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Unable to SSH on IPv6

Hello all,

I am using Newton release of Openstack. Trying to create a setup with IPv6 here. My backbone/core network doesn't have IPv6 so I have kept one interface of IPv4 as well to login into VMs. Here are few details about the setup I am trying to create:

I am doing all this from Horizon itself.

1) IPv6 Network (ipv6-priv) 2) IPv6 Subnet (2001:db8::/64) 3) Have selected DHCPv6-Stateful DHCP configuration while creating Network. 4) Spawned 2 VMs to check ping, SSH and netcat. 5) VMs have 2 interfaces (eth0 which is ipv4 based and eth1 which is ipv6)

Following issues can be seen:

ISSUE #1: New VMs that get spawned don't come up with IPv6 attached to them if I check from CLI. I have to create a network config file eth1.cfg with following entries:

# The primary network interface
auto eth1
iface eth1 inet6 dhcp

After this, I run ifup eth1 and then I can see IPv6 allocated by Neutron on VMs.

Issue #2: Unable to ping each other from these VMs

I solved it by creating a route on both the VMs:

ip -6 route add 2001:db8::/64 dev eth1

After setting this route, I am able to ping6.

ISSUE #3: Unable to SSH:

I have set rules in security policy for all TCP, UDP and ICMP for IPv6 for ::/0. So this can't be a problem. After playing with tcpdump on VM1, 2 and HOST on which these VMs are spawned, I could see packets flowing like this:

VM1(initiated SSH from here) -----> HOST -----> VM2(SSH server) -----> HOST -----x

Packets are never received on VM1 hence SSH session never begins. I could see few fast re-transmits as well. Although, if I use netcat, it works absolutely fine.

Do I need to do additional configuration on the HOST machine to allow packets to flow to VM1?

TIA