Lennart Poettering <lenn...@poettering.net> schrieb: > On Mon, 27.04.15 20:08, Kai Krakow (hurikha...@gmail.com) wrote: > >> > Or in other words: ipv6 setup needs some manual networking setup on >> > the host. >> >> Or there... Any pointers? > > Not really. You have to set up ipv6 masquerading with ip6tables. And > ensure the containers get ipv6 addresses that are stable enough that > you can refer to them from the ip6tables rules...
Somehow I thought I would be smart by adding this ExecPostStart script (OTOH it's probably just time for bed): #!/bin/bash IFNAME=${1:0:14} # %I is passed here if [ -n "$IFNAME" ]; then IP=$(ip -6 addr show dev $IFNAME scope global | awk '/inet6/ { print $2 }') /sbin/sysctl net.ipv6.conf.$IFNAME.forwarding=1 [ -z "$IP" ] || /sbin/ip6tables -t nat -I POSTROUTING --source $IP --dest ::/0 fi exit 0 and adding Address=::0/126 to the [Network] section of ve-* devices... But somehow it does not work. If I run it manually after starting the container, it does its work. Of course, inside the container, it won't have the counterpart address assigned (it works for DHCPv4 only). If I modify the script to use scope link instead of global, it also works - but that won't route anyways. I suppose, when ExecPostStart is running, the link is just not ready yet. An IP address fc00::... will be added to the interface, tho. So at least that works. -- Replies to list only preferred. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel