Assign external ipv6 address and internal ipv4 to container

Hi,

I have a bare metal server in Hetzner with its standard network configuration (one IPv4 + subnet /64 IPv6). I’d like to create a container via LXD that would have an external IPv6 address from that subnet and a local IPv4 address (e.g. received from lxdbr0). Additionally, I would like to forward several IPv4 ports to the container. It would be cool if the host and container could locally communicate, as @tomp wrote here.

How to achieve this?
I read about the routed NIC type. However, I have not found a description of the configuration in which the container gets external IPv6 and local IPv4.
The “routed” description suggests that since the addresses would have to be allocated from different pools, the configuration must point to two different “parent” devices (e.g. eth0 and lxdbr0). This leads to the conclusion that the container should have two network interfaces (e.g. eth0 for ex-IPv6 and eth1 for local-IPv4). Am I right? Can this be simplified somehow?

Thank you for any advice, keyword or link to how-to.

Hi @kkw, for local communication with the host you can use the standard lxdbr0 bridge from which the container gets a nic device. By default this network has an ipv4.address which you can use to reach the host directly.
You can then use network forwards to forward specific IPv4 ports from the host's public IPv4 to the container.
Regarding the IPv6 connectivity and the ability to use addresses out of the assigned /64, have you seen this post https://discuss.linuxcontainers.org/t/hetnzer-server-setup-with-public-ipv6-addresses/11313/7 (option 2)?
It should allow you to do both using a single network interface attached to the container.

Yeah, because Hetzner does not require NDP responses on the external interface and instead directly routes IPv6 traffic for the /64 to the host’s external interface, it is possible to use an lxdbr0 bridge configured with your public /64 range, and then modify the host’s external interface to have a /128 address (such that the host knows the rest of the /64 is reachable via the lxdbr0 interface).
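
The setup described in the replies above, as an added example that is not part of the thread or of the linked post: a dry-run script that prints the host, bridge and network-forward commands for review instead of running them. The addresses (documentation ranges), the interface name eth0, the container name c1 and its pinned IPv4 are all constructed placeholders.

```shell
#!/bin/sh
# Added example: prints commands for review; nothing here is executed.
# Every value below is a constructed placeholder, replace before use.
PREFIX="2001:db8:0:1"          # the public /64 routed to the host
HOST_V6="${PREFIX}::2"         # host address, kept on the external NIC as /128
BRIDGE_V6="${PREFIX}::1"       # address lxdbr0 takes inside the /64
EXT_IF="eth0"                  # host's external interface
HOST_V4="203.0.113.10"         # host's public IPv4 (forward listen address)
CT="c1"; CT_V4="10.10.10.50"   # container and its private IPv4 on lxdbr0

valid_port() {   # accept decimal 1..65535 only
  case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

host_cmds() {    # shrink the on-link /64 on the external NIC to a /128
  echo "ip -6 addr del $HOST_V6/64 dev $EXT_IF"
  echo "ip -6 addr add $HOST_V6/128 dev $EXT_IF"
}

bridge_cmds() {  # public /64 on lxdbr0; with NAT off, containers are
                 # directly reachable over IPv6 and need their own filtering
  echo "lxc network set lxdbr0 ipv6.address $BRIDGE_V6/64"
  echo "lxc network set lxdbr0 ipv6.nat false"
}

forward_cmds() { # args: proto:listen_port[:target_port] ...
  # Pin the container's IPv4 so the forward target stays stable
  # (eth0 here is the container's NIC device name, an assumption).
  out="lxc config device override $CT eth0 ipv4.address=$CT_V4
lxc network forward create lxdbr0 $HOST_V4"
  for spec in "$@"; do
    proto=${spec%%:*}; rest=${spec#*:}
    listen=${rest%%:*}; target=${rest#*:}   # target defaults to listen port
    case "$proto" in tcp|udp) ;; *) echo "bad protocol: $spec" >&2; return 1 ;; esac
    valid_port "$listen" && valid_port "$target" || { echo "bad port: $spec" >&2; return 1; }
    out="$out
lxc network forward port add lxdbr0 $HOST_V4 $proto $listen $CT_V4 $target"
  done
  printf '%s\n' "$out"   # printed only if every spec validated
}

plan() { host_cmds && bridge_cmds && forward_cmds "$@"; }

plan tcp:80 tcp:443:8443
```

The `ip` lines do not survive a reboot, so the /128 also has to go into the host's persistent network configuration. Re-addressing the external interface briefly interrupts IPv6, so apply it from an IPv4 session.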