前言
懒....反正就是云筏KVM分配公网IPv6给KVM的实现方式,zkeys不支持IPv6所以我们只能自己来了...
宿主机配置
网卡配置
共网网桥 2a01:4f8:212:1c60::1/128 网关为公网网关
内网网桥 2a01:4f8:212:1c60::1/64 网关留空
路由配置
简单来说2a01:4f8:212:1c60::1/64全部走内网网桥,其余流量走公网网桥
ip -6 route自己看看del还是add
安装和配置DHCP服务
yum install dhcp -y
cp /usr/share/doc/dhcp-4.2.5/dhcpd6.conf.example /etc/dhcp/dhcpd6.conf
#覆盖掉
然后就是配置DHCPv6的网段了,先看看官方给的例子:
[root@HPC-FSN1-M103 ~]# cat /etc/dhcp/dhcpd6.conf
# Server configuration file example for DHCPv6
# From the file used for TAHI tests.
IPv6 address valid lifetime
(at the end the address is no longer usable by the client)
(set to 30 days, the usual IPv6 default)
default-lease-time 2592000;
IPv6 address preferred lifetime
(at the end the address is deprecated, i.e., the client should use
other addresses for new connections)
(set to 7 days, the usual IPv6 default)
preferred-lifetime 604800;
T1, the delay before Renew
(default is 1/2 preferred lifetime)
(set to 1 hour)
option dhcp-renewal-time 3600;
T2, the delay before Rebind (if Renews failed)
(default is 3/4 preferred lifetime)
(set to 2 hours)
option dhcp-rebinding-time 7200;
Enable RFC 5007 support (same than for DHCPv4)
allow leasequery;
Global definitions for name server address(es) and domain search list
option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:3f3e;
option dhcp6.domain-search “test.example.com”,“example.com”;
Set preference to 255 (maximum) in order to avoid waiting for
additional servers when there is only one
##option dhcp6.preference 255;
Server side command to enable rapid-commit (2 packet exchange)
##option dhcp6.rapid-commit;
The delay before information-request refresh
(minimum is 10 minutes, maximum one day, default is to not refresh)
(set to 6 hours)
option dhcp6.info-refresh-time 21600;
The path of the lease file
dhcpv6-lease-file-name “/var/lib/dhcpd/dhcpd6.leases”;
Static definition (must be global)
host myclient {
# The entry is looked up by this
host-identifier option
dhcp6.client-id 00:01:00:01:00:04:93:e0:00:00:00:00:a2:a2;
# A fixed address
fixed-address6 3ffe:501:ffff:100::1234;
# A fixed prefix
fixed-prefix6 3ffe:501:ffff:101::/64;
# Override of the global definitions,
# works only when a resource (address or prefix) is assigned
option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:4f4e;
# For debug (to see when the entry statements are executed)
# (log "sol" when a matching Solicitation is received)
##if packet(0,1) = 1 { log(debug,"sol"); }
}
host otherclient {
# This host entry is hopefully matched if the client supplies a DUID-LL
# or DUID-LLT containing this MAC address.
hardware ethernet 01:00:80:a2:55:67;
fixed-address6 3ffe:501:ffff:100::4321;
}
The subnet where the server is attached
(i.e., the server has an address in this subnet)
subnet6 3ffe:501:ffff:100::/64 {
# Two addresses available to clients
# (the third client should get NoAddrsAvail)
range6 3ffe:501:ffff:100::10 3ffe:501:ffff:100::11;
# Use the whole /64 prefix for temporary addresses
# (i.e., direct application of RFC 4941)
range6 3ffe:501:ffff:100:: temporary;
# Some /64 prefixes available for Prefix Delegation (RFC 3633)
prefix6 3ffe:501:ffff:100:: 3ffe:501:ffff:111:: /64;
}
A second subnet behind a relay agent
subnet6 3ffe:501:ffff:101::/64 {
range6 3ffe:501:ffff:101::10 3ffe:501:ffff:101::11;
# Override of the global definitions,
# works only when a resource (address or prefix) is assigned
option dhcp6.name-servers 3ffe:501:ffff:101:200:ff:fe00:3f3e;
}
A third subnet behind a relay agent chain
subnet6 3ffe:501:ffff:102::/64 {
range6 3ffe:501:ffff:102::10 3ffe:501:ffff:102::11;
}
其实并用不到这么多参数,自己改改就好了
default-lease-time 2592000;
preferred-lifetime 604800;
option dhcp-renewal-time 3600;
option dhcp-rebinding-time 7200;
allow leasequery;
option dhcp6.info-refresh-time 21600;
dhcpv6-lease-file-name “/var/lib/dhcpd/dhcpd6.leases”;
subnet6 2a01:4f8:212:1c60::/64 {
range6 2a01:4f8:212:1c60::1000 2a01:4f8:212:1c60::2000;
option dhcp6.name-servers 2001:4860:4860::8888;
option dhcp6.domain-search “kvm.cloudraft”;
}
测试配置
宿主机
[root@HPC-FSN1-M103 ~]# service dhcpd6 status
Redirecting to /bin/systemctl status dhcpd6.service
● dhcpd6.service - DHCPv6 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd6.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2020-07-20 09:56:49 CEST; 9s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 9653 (dhcpd)
Status: "Dispatching packets..."
Tasks: 1
CGroup: /system.slice/dhcpd6.service
└─9653 /usr/sbin/dhcpd -f -6 -cf /etc/dhcp/dhcpd6.conf -user dhcpd -group dhcpd --no-...
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]:
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]:
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: No subnet6 declaration for ens5 (no IPv6 addresses).
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: ** Ignoring requests on ens5. If this is not what
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: you want, please write a subnet6 declaration
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: in your dhcpd.conf file for the network segment
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: to which interface ens5 is attached. **
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]:
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: Listening on Socket/5/enp5s0/2a01:4f8:212:1c60::/64
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: Sending on Socket/5/enp5s0/2a01:4f8:212:1c60::/64
虚拟机
首先参考这里配置:
文章目录[隐藏] 前言 CentOS7 Debian / Ubuntu 前言 本教程适用于云筏的NAT服务器,地址:https://my.cloudraft.cn/server/buy.html?lineid=1012 CentOS7 开启IPv6功能 有些镜像是禁用了IPv6功能的,因此需要开启。首先查看一下是否被禁用了: [root@hSxavP1000044 network-scripts]# sysctl -a | grep ipv6.*disable sysctl: reading key "net.ipv6.conf.all.stable_secret" net.ipv6.conf.all.disable_ipv6 = 1 sysctl: net.ipv6.conf.default.disable_ipv6 = 1 reading key "net.ipv6.conf.default.stable_secret" sysctl: reading key "net.ipv6.conf.eth0.stable_secret" net.ipv6.conf.eth0.disable_ipv6 = 1 sysctl: reading key "net.ipv6.conf.lo.stable_secret" net.ipv6.conf.lo.disable_ipv6 = 1 disable=1说明被禁用了,因此需要去修改,配置文件为/etc/sysctl.conf vi /etc/sysctl.conf #把ipv6 disable的参数都改为0,然后保存,重载服务后生效 [root@hSxavP1000044 ~]# sysctl -p […]
然后测试一下即可
Please quote the original link:https://www.liujason.com/article/829.html