kernel-tools Support IPv6 on C1

Support IPv6 on C1

Open moul opened this issue 8 years ago • 44 comments

Actually, the C1 servers are lacking from native IPv6 support due to hardware limitations. We are working on workarounds to get this fixed on C1 and we should support it natively in newer generations of the hardware.

This issue will stay open if anybody have suggestions, use cases or feedbacks, so we can get this feature more quickly.

Sep 19 '15 21:09 moul

This doesn't really make sense. Maybe the network infrastructure has some restrictions, but the servers themselves? The hardware receives and sends ethernet frames, a layer below IP.

Can you describe those limitations? If the C1 hardware actually cannot do native IPv6, that makes it somewhat useless. Come on, it's 2015 and the IPv4 depletion is actually a real problem now. Launching a product these days without native IPv6 support (either planned or in production) seems very short-sighted.

Nov 14 '15 14:11 grigorig

The hardware limitation is not on the C1 node itself but on the blade containing the C1 servers, look at this: https://www.scaleway.com/features/, the first photo shows a blade with 18 C1 nodes. The blade handles the power usage, serial but also the network between the node and the big backbones

Today we have a limitation on the blade and are working to get this fixed. As soon as the blade and the rest of our network will forward, filter and shape the IPv6 network, you will be able to manually configure the IPv6 address on your node, then we will still need to support DHCP or a script to automatically configure your nodes if possible

Please, stay tuned to this thread as we will update it progressively, so you can try and give us feedbacks

Nov 16 '15 10:11 moul

Thanks for the information, it makes more sense now. :)

I assume the deployment will be similar to online.net's servers where you can request a prefix delegation via DHCPv6-PD then. That is a reasonable solution. Can you share more details about the upcoming IPv6 deployment? E.g. what kind (length) of prefixes can we get delegated?

If you have some kind of beta of the IPv6 support, I'd be willing to participate in it as well. I have solid IPv6 knowledge, so I'd be able to hopefully give useful feedback.

Nov 16 '15 10:11 grigorig

Update: I managed to get IPv6 working between two nodes:

root@distracted-wright:~# ip addr show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 532
    link/ether 00:07:cb:03:0a:dc brd ff:ff:ff:ff:ff:ff
    inet 10.1.45.56/23 brd 10.1.45.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 2::6/64 scope global
       valid_lft forever preferred_lft forever
root@distracted-wright:~# ip -6 neigh show dev eth0
2::4 lladdr 00:07:cb:03:0a:e8 REACHABLE
root@distracted-wright:~# ping6 -I -c 2 eth0 2::4
PING 2::4(2::4) from 2::6 eth0: 56 data bytes
64 bytes from 2::4: icmp_seq=1 ttl=64 time=1.19 ms
64 bytes from 2::4: icmp_seq=2 ttl=64 time=1.20 ms
--- 2::4 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.194/1.197/1.200/0.003 ms
root@distracted-wright:~#

However, I needed to disable some filtering options from the blade, the hardware team is working on a patch

Nov 16 '15 15:11 moul

Looks good. Like I stated in the community thread, even simple local IPv6 connectivity would be quite helpful for me already.

Nov 16 '15 16:11 grigorig

I would be also interested in testing beta Ipv6

Nov 16 '15 18:11 vdavy

C1 support IPv6 in IPv4 but kernel config limit ip6tables possibility. The kernel configuration must be updated with that : CONFIG_NF_CONNTRACK_IPV6=m

Nov 27 '15 18:11 McKay1717

@moul, is there any progress with IPv6 on the C1 hardware?

Dec 04 '15 00:12 grigorig

@grigorig we are waiting for the hardware team to release a new software version with ipv6 filtering support In the meantime, we are preparing our infrastructure, so you should get full ipv6 support (not only local one)

I will update the ticket as soon as we have this feature in beta :)

Dec 04 '15 11:12 moul

Why don't you run some 6in4 gateways/tunnel servers on hardware connected to the scaleway network in the meant time for people who want IPv6 NOW?

I mean come on you are a major datacentre I'm sure finding a few servers for that wouldn't be a problem ;-)

If they're on your network they could be reachable from the private IPv4 ranges as well saving on public IP's.

Jan 15 '16 11:01 dragon2611

@moul Hi. Is there any ETA yet for native IPv6 support on C1? Could we try the alpha or the beta?

Jan 28 '16 17:01 HLFH

What they need to do is 4in6 not 6in4 if they have a native IPv6 network which they should

Mar 03 '16 09:03 4mig4

and that requires something called 4rd RFC7600

Mar 03 '16 09:03 4mig4

Native IPV6 support is now available for C2 servers and VPS offers

https://blog.scaleway.com/2016/03/31/introducing-native-ipv6-connectivity-on-scaleway/

Mar 31 '16 15:03 moul

Unfortunately, the way you implemented IPv6 on C2/VPS is the best example of how not do it I have seen yet. And the advertisement is off topic here, too.

Scaleway really dropped the ball on IPv6 support on C1 and it's sad to see. I'll probably move my services elsewhere soon.

Mar 31 '16 17:03 grigorig

@grigorig Hi. Could you argue to better understand your point about the fact that IPv6 would be badly implemented with C2 servers?

Mar 31 '16 17:03 HLFH

@HLFH sure.

Each server just gets a single IPv6 address in a /127 subnet. The recommendation is to allocate at least a /64 per node, so that's really bad and precludes all of the use cases that are possible with the bigger address space of IPv6. Furthermore, it looks like a /64 prefix is shared among multiple customers. Since /64 is considered the smallest prefix given to an end node, any IP based blocking in IPv6 land is usually done with the granularity of at least /64. So if one Scaleway customer does something bad and gets blocked somewhere, many customers are affected.

Mar 31 '16 17:03 grigorig

I agree with @grigorig

Mar 31 '16 17:03 meyskens

@moul Hi. I'm asking if IPv6 reverse DNS delegation is supported? On Online.net, it could work. Does that work too on Scaleway?

Mar 31 '16 17:03 HLFH

@grigorig, @meyskens,

You missed that this is the first step of our IPv6 deployment. We're announcing IPv6 connectivity and as stated, not a full flexible implementation. To route a /64 on a node, you first need an IPv6 connectivity. ;)

These IPv6 are assigned to nodes and not to customers, there is no reverse DNS delegation on the nodes IPs.

Stay tuned.

Apr 01 '16 09:04 NoKriK

OK then. But this is barely usable, there isn't really much point in releasing IPv6 support in such an unfinished state and still claiming to be "fully IPv6 ready". It's a lie. The IPv6 support that is available today on Scaleway is as basic as it can possibly get. It certainly would have helped to clarify it in the blog post that this is only the very first step.

Also, can you give any statement about IPv6 support on C1, to get back on topic?

Apr 01 '16 10:04 grigorig

Hey, this issue is marked as "help wanted". What help do you need to get this working on C1?

Jun 21 '16 10:06 Tiki-God

I am very interested in using your C1 servers, but without IPv6 connectivity with at least /64 allocations, it's not usable to me. Has there been any update @moul?