Hetzner, Debian, KVM and IPv6

Well, I’ve had my share of troubles with Hetzner, Debian, KVM and IPv6 addresses. After figuring out how to get around the IPv6 neighbor stuff (npd6 for teh win!), I battled with the problem that after restarting (rebooting/resetting – doesn’t really matter) a domain it’s IPv6 address would no longer work.

Well, today I decided to take a closer look. After the reboot, the guest comes up with this:

A quick peek into ip 6 neigh show reveals this:

At this point I had no idea were to look (I haven’t used IPv6 much), so thanks to a friend I ended up googling whatever dadfailed meant … as it turns out dadfailed indicates that a duplicate address had been detected. A short peek into kern.log/dmesg fuelled that idea:

So, I went on googling IPv6, KVM and duplicate address, and guess what .. I don’t seem to be the only one that has this issue … I haven’t found the root cause of this, but I have a quick fix … I usually don’t assign duplicate IPv6 addresses to multiple domains (each domain has it’s on block of IPv6 addresses), so I ended up writing a short puppet class, that’ll disable the Duplicate Adress Detection for all my KVM guests!

3 thoughts on “Hetzner, Debian, KVM and IPv6

  1. I just upgraded from Xen 4.3 to Xen 4.4 and now all domUs have their IPv6 addresses dadfailed. Even the link local addresses, which are based on the MAC address! I’m thinking they are somehow hearing their own DAD back, not realizing that what it is.

    Disabling DAD is an interesting workaround, but it feels “wrong” — but I’ll keep it in mind, if I can’t find a “proper” solution. Do you still have DAD disabled?

    1. Yeah, I still have DAD disabled. I haven’t even looked at again. Well, seeing as KVM uses Qemu in some form also, I should maybe look at this again 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *