Adding a whole IPv6 /64 block to an network interface on debian
Solution 1:
I have needed something similar in the past. I found that there are three steps needed to get this working:
- You need to route a prefix to the host
- You need a local route on the host
- Applications need to set the
IP_FREEBINDorIP_TRANSPARENToption on sockets
The proper way to get a prefix routed to the host involves contacting your provider, if they do not already provide you one. They may have a DHCPv6 server, which can delegate a prefix to you, if you just send the right DHCPv6 request to it.
If a real routed prefix is for some reason impossible for you to get, but you have access to use as many addresses as you want from a link prefix available on one of your network interfaces, you can turn part of that into a routed prefix by having a daemon respond to neighbor discovery requests for every IPv6 address in that range.
Using such a daemon is not recommended other than as a last resort, since it will needlessly consume memory from all your neighbors. There are a few implementations of such a daemon, one that looks promissing is ndppd. (I have no specific experience with it, since I only learned about it after I had written my own with my link prefix hardcoded.)
It looks like you already got the local route working. As you noticed, it has to be assigned to the lo interface in order to work.
Finally the applications using addresses from this range need an IP option in order to be able to bind to addresses, which are not explicitly assigned to a specific network interface on the host. Here is a code fragment, that can be used:
const int one = 1;
setsockopt(fd, SOL_IP, IP_FREEBIND, &one, sizeof(one));
Solution 2:
It's 2019 year now. One word: ip_nonlocal_bind (since 4.3 kernel as i may know).
Use ndppd + sysctl net.ipv6.ip_nonlocal_bind = 1, last one allows you to bind to any IPv6 address(no IP_FREEBIND needed in this case).
Guess you did so:
ip add add local 2001::41d0:2:ad64::/64 dev lo
ip route add local 2001::41d0:2:ad64::/64 dev eth0
sysctl net.ipv6.ip_nonlocal_bind = 1
ndppd.conf will look like:
route-ttl 30000
proxy eth0 {
router no
timeout 500
ttl 30000
rule 2001::41d0:2:ad64::/64{
static
}
}
run ndppd and now you can bind to any address(of added block) and use it as it added itself.