docs(em): fix netplan ipv6 config (#3542)

* docs(ddx): configure ipv6 * docs(ddx): update ipv6 config * Update dedibox-network/ip-failover/how-to/configure-network-virtual-machine.mdx * feat(ddx): update ipv6 docs * feat(ddx): update docs * Apply suggestions from code review Co-authored-by: nerda-codes <[email protected]> --------- Co-authored-by: nerda-codes <[email protected]>
scaleway · Jul 30, 2024 · 56b13d5 · 56b13d5
1 parent 9228de3
commit 56b13d5
Show file tree

Hide file tree

Showing 6 changed files with 214 additions and 106 deletions.
diff --git a/bare-metal/elastic-metal/how-to/configure-flexible-ipv6.mdx b/bare-metal/elastic-metal/how-to/configure-flexible-ipv6.mdx
@@ -87,7 +87,10 @@ It replaces the classical network configuration with new configuration files, wr
     ```
     sudo netplan apply
     ```
-
+4. Test the connection with a ping to an external host:
+    ```
+    ping6 google.com
+    ```
 ## How to configure IPv6 on CentOS
 
 1. Open the automatically generated configuration file for your internet interface in a text editor, for example `/etc/sysconfig/network-scripts/ifcfg-eth0` and edit it as follows: 
@@ -109,5 +112,8 @@ It replaces the classical network configuration with new configuration files, wr
     ```
     systemctl restart network.service
     ```
-
+3. Test the IPv6 connection with a ping to an external host:
+    ```
+    ping6 google.com
+    ```
 
diff --git a/bare-metal/elastic-metal/how-to/configure-ipv6-hypervisor.mdx b/bare-metal/elastic-metal/how-to/configure-ipv6-hypervisor.mdx
@@ -1,102 +1,137 @@
 ---
 meta:
-  title: How to configure IPv6 virtual machines on Proxmox Elastic Metal
-  description: This page explains how to configure IPv6 virtual machines on Proxmox on Elastic Metal
+  title: How to configure IPv6 virtual machines with Proxmox on Elastic Metal
+  description: This guide explains how to configure IPv6 virtual machines on Proxmox on Elastic Metal, including how to find and configure the IPv6 gateway.
 content:
-  h1: How to configure IPv6 virtual machines on Proxmox on Elastic Metal
-  paragraph: This page explains how to configure IPv6 virtual machines on Proxmox on Elastic Metal
-tags: elastic-metal ipv6 virtual-machine proxmox esxi
+  h1: How to configure IPv6 virtual machines with Proxmox on Elastic Metal
+  paragraph: This guide explains how to configure IPv6 virtual machines on Proxmox on Elastic Metal, including how to find and configure the IPv6 gateway.
+tags: elastic-metal ipv6 virtual-machine proxmox
 dates:
-  validation: 2024-01-22
-  posted: 2022-04-01
+  validation: 2024-07-30
+  posted: 2024-07-30
 categories:
   - bare-metal
 ---
 
 When you install your server with a virtualization solution like Proxmox, you can create multiple virtual machines on the physical server and configure them to use flexible IPv6 addresses.
 
-Below, you will find some examples for the configuration of the network interfaces on different distributions inside a virtual machine.
+This guide covers the steps for configuring the network interfaces on different distributions inside a virtual machine on a Proxmox host using flexible IPv6 addresses on Elastic Metal servers.
 
 <Message type="tip">
-  * The IPv6 gateway for your machines is learned by RA. You do not need to specify it in your configuration.
-  * The DNS cache server (nameserver) may be different depending on the physical location of your server. Refer to our [network information documentation](/console/account/reference-content/scaleway-network-information/#dns-cache-servers) to find the IPv6 addresses to use with your machine.
+  The DNS cache server (nameserver) may be different depending on the physical location of your server. Refer to our [network information documentation](/console/account/reference-content/scaleway-network-information/#dns-cache-servers) to find the IPv6 addresses to use with your machine.
 </Message>
 
 <Macro id="requirements" />
 
 - A Scaleway account logged into the [console](https://console.scaleway.com/)
 - [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing you to perform actions in the intended Organization
-- A [Dedibox server](/dedibox/dedicated-servers/how-to/order-a-server/) with a hypervisor (Proxmox or ESXi) installed on it
+- An [Elastic Metal server](/bare-metal/elastic-metal/how-to/create-server/) with a hypervisor (Proxmox) installed on it
 - A [flexible IPv6](/bare-metal/elastic-metal/how-to/order-flexible-ip/)
-- A [virtual MAC address](/dedibox-network/ip-failover/concepts/#virtual-mac-address)
+- A [virtual MAC address](/bare-metal/elastic-metal/how-to/add-virtual-mac-address/)
 
+## Finding your IPv6 gateway
 
-## Ubuntu 
+1. Log into your virtual machine using SSH.
 
-Since the release of version 18.04 (Bionic Beaver) Ubuntu has switched to Netplan for the configuration of network interfaces. For older releases of the distribution, refer to the configuration for Debian.
+2. Identify your network interface:
+   ```sh
+   ip a
+   ```
+   Take note of your network interface name (e.g., `ens18`).
 
-1. Log into your virtual machine and open the network configuration file `/etc/netplan/01-netcfg.yaml` in a text editor of your choice, for example `nano`:
+3. Find your IPv6 gateway:
+   ```sh
+   ip -6 route
+   ```
+   Look for the line that specifies the default route. It should look like the following:
+   ```
+   default via fe80::xxxx:xxxx:xxxx:xxxx dev ens18 proto static metric 1024 onlink
+   ```
+   The `fe80::xxxx:xxxx:xxxx:xxxx` part is your link-local IPv6 gateway address.
+
+## Ubuntu - Configuration with Netplan
+
+1. Open the Netplan configuration file:
     ```sh
     sudo nano /etc/netplan/01-netcfg.yaml
     ```
-2. Create a network configuration as follows. Remember to replace `FLEXIBLE_IPv6` with your failover IP address: 
+
+2. Create the network configuration:
     ```yaml
-    # This is the network config written by 'subiquity'
     network:
-    ethernets:
+      version: 2
+      renderer: networkd
+      ethernets:
         ens18:
-        addresses:
-        - FLEXIBLE_IPv6/64
-        nameservers:
-            addresses: [ "2001:bc8:1008:1::16" ]
-            search: []
-    version: 2
-    ```
-3. Save the file and exit the text editor.
-4. Apply the new configuration:
-    ```
+          dhcp4: false
+          dhcp6: false
+          accept-ra: no
+          addresses:
+            - FLEXIBLE_IPv4/32
+            - "FLEXIBLE_IPv6/64"
+          routes:
+            - to: 0.0.0.0/0
+              via: 62.210.0.1
+              on-link: true
+            - to: "::/0"
+              via: "LINK_LOCAL_IPv6_GATEWAY"
+              on-link: true
+          nameservers:
+            addresses:
+              - 51.159.47.28
+              - 51.159.47.26
+    ```
+    Replace `FLEXIBLE_IPv4`, `FLEXIBLE_IPv6`, and `LINK_LOCAL_IPv6_GATEWAY` with your actual IP addresses.
+
+3. Apply the configuration:
+    ```sh
     sudo netplan apply
     ```
 
 ## Debian
 
-1. Log into the virtual machine and edit the file `/etc/network/interfaces/` with a text editor of your choice, for example, `nano`:
+1. Edit the network interfaces file:
     ```sh
-    nano /etc/network/interfaces
+    sudo nano /etc/network/interfaces
     ```
-2. Configure the network interface as follows. Remember to replace `fail.over.ip.address` with your failover IP address:
+
+2. Configure the network interface:
     ```sh
     auto ens18
-        iface ens18 inet6 static
-        address FLEXIBLE_IPv6
-        netmask 64
-    ```
-3. Save the file and exit the text editor.
-4. Set the DNS server information by editing the file `/etc/resolv.conf`:
-    ```
-    nano /etc/resolv.conf
+    iface ens18 inet static
+      address FLEXIBLE_IPv4
+      netmask 255.255.255.255
+      gateway 62.210.0.1
+    iface ens18 inet6 static
+      address FLEXIBLE_IPv6
+      netmask 64
+      gateway LINK_LOCAL_IPv6_GATEWAY
+    ```
+    Replace `FLEXIBLE_IPv4`, `FLEXIBLE_IPv6`, and `LINK_LOCAL_IPv6_GATEWAY` with your actual IP addresses.
+
+3. Set the DNS resolver:
+    ```sh
+    sudo nano /etc/resolv.conf
     ```
-5. Set the DNS resolver by adding the following lines to the file. Then save it and exit the text editor:
+ 4. Add the following lines, then save and exit the file.
     ```
-    nameserver 2001:bc8:1008:1::16
-    nameserver 2001:bc8:1008:1::14
+    nameserver 51.159.47.28
+    nameserver 51.159.47.26
     ```
 
-    <Message typ="tip">
-      These DNS resolvers are operated by Scaleway. You can also set your preferred alternative DNS resolvers in the file.
-    </Message>
-6. Activate the network on your virtual machine by running the following code:
-    ```
-    ifup ens18
+5. Activate the network configuration:
+    ```sh
+    sudo ifup ens18
     ```
 
 ## CentOS
 
-1. Log into the virtual machine and edit the file `/etc/sysconfig/network-scripts/ifcfg-eth0` with a text editor of your choice, for example, `nano`:
+1. Edit the network script file:
     ```sh
-    nano /etc/sysconfig/network-scripts/ifcfg-eth0
+    sudo nano /etc/sysconfig/network-scripts/ifcfg-ens18
     ```
-2. Configure the network interface as follows. Remember to replace `fail.over.ip.address` with your failover IP address and `virtual:mac:address` with the virtual MAC of the VM:
+
+2. Configure the network interface:
     ```
     DEVICE=ens18
     BOOTPROTO=none
@@ -105,17 +140,60 @@ Since the release of version 18.04 (Bionic Beaver) Ubuntu has switched to Netpla
     IPV6INIT=yes
     PEERDNS=yes
     TYPE=Ethernet
-    NETMASK=64
-    IPADDR=FLEXIBLE_IPv6
-    DNS1=2001:bc8:1008:1::16
-    DNS2=2001:bc8:1008:1::14
+    NETMASK=255.255.255.255
+    IPADDR=FLEXIBLE_IPv4
+    IPV6ADDR=FLEXIBLE_IPv6
+    GATEWAY=62.210.0.1
+    DNS1=51.159.47.28
+    DNS2=51.159.47.26
     ARP=yes
     HWADDR=virtual:mac:address
     ```
-3. Save the file and close the text editor.
-4. Run the following command to bring the network interface up:
-    ```
-    ifup eth0
-    ```
-
+    Replace `FLEXIBLE_IPv4`, `FLEXIBLE_IPv6`, and `virtual:mac:address` with your actual IP addresses and MAC address.
 
+3. Bring up the network interface:
+    ```sh
+    sudo ifup ens18
+    ```
+
+4. Find the IPv6 gateway:
+   ```sh
+   ip -6 route
+   ```
+
+## Debugging configuration issues
+
+If your IPv6 configuration does not work as expected, follow these steps to troubleshoot:
+
+1. Check the interface configuration:
+   ```sh
+   ip a
+   ip route
+   ip -6 route
+   ```
+
+2. Run a ping test:
+   ```sh
+   ping6 google.com
+   ```
+
+3. Check the DNS resolution:
+   ```sh
+   dig google.com
+   dig -6 google.com
+   ```
+
+4. Review your network logs:
+   ```sh
+   sudo journalctl -u systemd-networkd
+   ```
+
+5. Restart network services:
+   ```sh
+   sudo systemctl restart systemd-networkd
+   ```
+6. Verify the link-local address:
+   ```sh
+   ip -6 addr show dev ens18
+   ping6 LINK_LOCAL_IPv6_GATEWAY
+   ```
diff --git a/dedibox-network/ip-failover/how-to/configure-network-virtual-machine.mdx b/dedibox-network/ip-failover/how-to/configure-network-virtual-machine.mdx
@@ -43,20 +43,19 @@ Since the release of version 18.04 (Bionic Beaver), Ubuntu has used Netplan for
 2. Create a network configuration as follows. Replace `fail.over.ip.address` with your failover IP address:
     ```yaml
     network:
-        version: 2
-        renderer: networkd
-        ethernets:
-            eth0:
-            dhcp4: no
-            dhcp6: no
-            addresses: [fail.over.ip.address/32]
-            gateway4: 62.210.0.1
+    ethernets:
+        ens18:
+            addresses:
+            - [ "fail.over.ip.address/32" ]
             nameservers:
               addresses: [ "51.159.47.28", "51.159.47.26" ] # Replace the IP of the DNS cache server with the one located in the same physical location as your machine for optimal performances (https://www.scaleway.com/en/docs/console/account/reference-content/scaleway-network-information/#dns-cache-servers/)
             routes:
-            - to: 62.210.0.1/32
-              via: fail.over.ip.address
-              scope: link
+            -   to: default
+                via: 62.210.0.1
+            -   to: 62.210.0.1/32
+                via: fail.over.ip.address
+                scope: link
+    version: 2
     ```
 3. Save the file and exit the text editor.
 4. Apply the new configuration:

diff --git a/dedibox-network/ipv6/how-to/debug-ipv6.mdx b/dedibox-network/ipv6/how-to/debug-ipv6.mdx
@@ -1,25 +1,26 @@
 ---
+
 meta:
-  title: How to resolve IPv6 connection issues
+  title: How to resolve IPv6 connection issues on Dedibox servers
   description: Learn how to troubleshoot and resolve common IPv6 connection issues on your Dedibox server with our step-by-step guide.
 content:
-  h1: How to resolve IPv6 connection issues
+  h1: How to resolve IPv6 connection issues on Dedibox servers
   paragraph: Learn how to troubleshoot and resolve common IPv6 connection issues on your Dedibox server with our step-by-step guide.
 tags: dedibox ipv6
 dates:
-  validation: 2024-06-03
+  validation: 2024-07-30
   posted: 2021-08-03
 categories:
   - dedibox-network
 ---
 
 <Macro id="requirements" />
-- A Dedibox account logged into the [console](https://console.online.net/)
+- A Dedibox account logged into the [Dedibox console](https://console.online.net/)
 - A [Dedibox dedicated server](https://www.scaleway.com/en/dedibox/)
-- An [RPN SAN](https://www.scaleway.com/en/dedibox/storage/)
 - A [requested /48 IPv6 prefix](/dedibox-network/ipv6/how-to/request-prefix/)
 - Configured the `systemd-networkd` [DHCPv6 client](/dedibox-network/ipv6/how-to/configure-ipv6-linux/)
 
+
 ## How to debug IPv6 connection issues from rescue mode
 
 If you experience IPv6 connection issues, you can test the network connectivity from [rescue mode](/dedibox/dedicated-servers/how-to/use-rescue-mode/).
@@ -64,6 +65,34 @@ Additionally, your server needs to be configured to accept RA (Router Advertisem
 
 If you need to forward IPv6 packets and use an automated configuration, set `net.ipv6.conf.all.accept_ra` to `2` in `/etc/sysctl.conf`. This is useful for hypervisor hosts such as Proxmox.
 
+## Additional methods to debug IPv6 connection issues
+
+### Check IPv6 route table
+Ensure that your server has the correct IPv6 routes. Use the following command to check the IPv6 route table:
+```bash
+ip -6 route show
+```
+Look for default routes and specific routes to your IPv6 network.
+
+### Check the Neighbor Discovery Protocol (NDP)
+Check the neighbor cache to ensure proper communication with the router:
+```bash
+ip -6 neigh show
+```
+
+### Use traceroute6 for path analysis
+Analyze the path to an external IPv6 address to identify where the connection might be failing:
+```bash
+traceroute6 ipv6.google.com
+```
+
+### Capture IPv6 traffic with tcpdump
+Capture and analyze IPv6 traffic to troubleshoot issues:
+```bash
+tcpdump -i eno1 -nnvvS ip6
+```
+Replace `eno1` with your network interface name.
+
 ## How to avoid DHCPv6 floods
 
 In some cases, certain DHCPv6 clients may send several requests per second (especially `dhcp6c`). This can trigger blocking of your server's network port by our automatic protection, as it will be seen as a source of a UDP flood.
@@ -72,5 +101,4 @@ To avoid this problem, limit the traffic sent from your `dhclient6` directly in
 ```bash
 ip6tables -A OUTPUT -p udp --dport 547 -m limit --limit 10/min --limit-burst 5 -j ACCEPT
 ip6tables -A OUTPUT -p udp --dport 547 -j DROP
-```
-
+```