IPv6 Inside Containers - Route from other machines

How do I get other machines on my network to recognize the IPv6 addresses assigned to my Podman network/containers on VyOS?

I setup a network that looks like this:

root@ruth:~# podman network inspect NET
[
     {
          "name": "NET",
          "id": "e2ffa4f10657fdc497808a7a6cd904bddecc0607486e8796178aed99e5978d4e",
          "driver": "bridge",
          "network_interface": "pod-NET",
          "created": "0001-01-01T00:00:00Z",
          "subnets": [
               {
                    "subnet": "10.99.0.0/24",
                    "gateway": "10.99.0.1"
               },
               {
                    "subnet": "fd42:69c8:117::/64",
                    "gateway": "fd42:69c8:117::1"
               }
          ],
          "ipv6_enabled": true,
          "internal": false,
          "dns_enabled": true,
          "ipam_options": {
               "driver": "host-local"
          }
     }
]

I used an online generator to create an internal IPv6 subnet.
I then attached a container and assigned both types of addresses:

"--net",
"NET",
"--ip",
"10.99.0.2",
"--ip6",
"fd42:69c8:0117::2",

From the VyOS host, all works. Can access services running in the container on both addresses.

From other computers on my network I can only access IPv4.

$ traceroute 10.99.0.2
traceroute to 10.99.0.2 (10.99.0.2), 64 hops max, 40 byte packets
 1  pi.hole (10.0.0.1)  3.145 ms  0.628 ms  0.532 ms
 2  10.99.0.2 (10.99.0.2)  1.187 ms  0.624 ms  0.494 ms
$ traceroute fd42:69c8:0117::2
traceroute: unknown host fd42:69c8:0117::2

Please attach VyOS configuration and your client configuration with a network diagram, otherwise it would be hard to guess.

Use traceroute6, traceroute is for IPv4. It’s saying unknown host because it thinks it’s a DNS name, and can’t resolve it

$ traceroute fd42:69c8:0117::2
traceroute: unknown host fd42:69c8:0117::2

$ traceroute6 fd42:69c8:0117::2
traceroute6 to fd42:69c8:0117::2 (fd42:69c8:117::2) from fdb2:3c2c:221:0:183d:e4a2:eebd:bde7, 64 hops max, 28 byte packets

The answer is at the bottom of this long explanation I gave to another issue.

When a service in a container listens on a udp port, the gateway at the host level does not listen on that same udp port for IPv6. It does for IPv4. And then the packets get forwarded to internal host. But, there is nothing listening for IPv6.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.