Lennart Poettering <lenn...@poettering.net> schrieb: > On Mon, 27.04.15 15:44, Dimitri John Ledkov (dimitri.j.led...@intel.com) > wrote: > >> > Well, networkd on the host automatically sets up IPv4 masquerading for >> > each container. We simply don't do anything equivalent for IPv6 >> > currently. >> > >> > Ideally we wouldn't have to do NAT for IPv6 to make this work, and >> > instead would pass on some ipv6 subnet we acquired from uplink without >> > NAT to each container, but we currently don't have infrastructure for >> > that in networkd, and I am not even sure how this could really work, >> > my ipv6-fu is a bit too limited... >> > >> > or maybe we should do ipv6 nat after all, under the logic that >> > containers are just an implementation detail of the local host rather >> > than something to be made visible to the outside world. however code >> > for this exists neither. >> > >> > Or in other words: ipv6 setup needs some manual networking setup on >> > the host. >> >> One should roll the dice and generate unique local address /48 prefix >> and use that to setup local addressing, ideally with >> autoconfigurations (e.g. derive a fake mac from container uuid and >> using the "hosts's" ULA prefix auto-assign ipv6 address) > > Well, would that enable automatic, correcting routing between the > container and the host's external network? That's kinda what this all > is about...
My IPv6-fu is in apprentice-mode, too. But my first guess would be: no. Local addressing is not routed AFAIK. So I need a global scope address (and for my use-case I don't want that) or it has to go through NAT. You said you don't setup IPv6 masquerading, yet. My first guess was I may have forgotten to setup IPv6 NAT support in the kernel. I'll check that. Along with that I'm eager to read about a proper, official solution within systemd-nspawn here. -- Replies to list only preferred. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel