VMware ESXi on OVH.com’s dedicated server, additional IPv4 subnet, and WORKING native IPv6 connectivity

I have finally migrated my server from LeaseWeb to OVH.  LeaseWeb wouldn’t provide me with a reasonable offer after being a loyal customer for 3 years so I terminated my server there. I came across OVH’s 1-year anniversary for Asia Pacific servers (50% off for annual payment) and their offer was massively appealing so I immediately signed up. I am extremely impressed with their customer control panel. I would say it’s much better than SoftLayer and LeaseWeb if you like to configure things by yourself.  OVH may not have a perfect reputation but it seems to have improved significantly over the years. I’m quite pleased on their automatic provisioning that took minutes and the KVM-over-IP is very easy to use.

It took me a while to get up to speed but once I got a hold of it, things were quite straightforward.  I intend to run a VM-based router (MikroTik’s Cloud Hosted Router) and route the subnet through it and other VMs will be a part of this VM network.  I could “bridge” my VMware ESXi CHR VM to the physical network to take advantage of their very-reasonably-priced one-time-fee additional IPv4 blocks using a FailOver (FO) IP address.  You need 1 individual FO IP to route/”bridge” the additional IPv6 subnet(s).  Apply the OVH-generated VMware-accepted MAC address to your VM host’s virtual ethernet (in my case VMware ESXi) to get the “bridge” to work.  You will need to “bridge” every single IP to the OVH-generated MAC address in the subnet manually.

Once I got everything working as expected, I continued to configure native IPv6 as provided by OVH.  I read the available guides on OVH.com and on Google (they have various guides on IPv6 make sure you read the right one for dedicated server), but I could never get it to work.  I got assigned the IPv6 range of 2402:1f00:8000:3cb::/64 but the guide states that I need to use 2402:1f00:8000:3ff:ff:ff:ff:ff as the gateway IPv6 address, which is unusual because such address is outside the /64 range.  2402:1f00:8000:3cb::/64 means 2402:1f00:8000:3cb:0:0:0:0 – 2402:1f00:8000:3cb:ffff:ffff:ffff:ffff.  Compare this range to the suggested gateway IPv6 address of 2402:1f00:8000:3ff:ff:ff:ff:ff (or 2402:1f00:8000:03ff:00ff:00ff:00ff:00ff), you can clearly see that the suggested IPv6 gateway address is outside the range.  This is the reason why this unusual network setup requires some effort to make it work properly.

I did not really take notice of this initially and wondered for hours why it wouldn’t work.  I opened a support ticket and the response was not helpful, the response only repeated the guide. I eventually used an IPv6 calculator to confirm my suspicion and it proved to be the culprit (because the gateway error was “unreachable” and “no route to host” when ping was used). I immediately tried changing the subnet mask to /56 instead of /64 because the assigned gateway IPv6 address is expected to be overridden with “ff” and changing it to /56 now makes the gateway IPv6 address within the network.  Remember, previously it was outside with the /64 range. Now the OS would accept the gateway IPv6 address and is reachable.  Ping also worked this time and immediately I had native IPv6 connectivity.  However this is not the right setup!

So, if you are an OVH customer and you cannot get IPv6 to work on MikroTik after reading their knowledge base articles , here is how:
The kind guy at MikroTik support (Martins S.) helped me to get this to work on my MikroTik setup.  The solution is actually very simple.  Basically once you have set up the IPv6 address on MikroTik, use multicast ping command: /ping FF02::2%ether1.  ether1 is the interface name connected to OVH.  Write down link-local addresses responding to the ping and expect to see a few replies for every ping request, including the device’s own link-local interface.  In my case I received 3 replies from 3 link-local addresses per ping, after eliminating my own device’s link-local address, I ended up with 2 link-local addresses.  These should be the link-local address of the actual router.  You can use this command to set up the IPv6 default route: /ip6 route add dst-address=”2000::/3″ gateway=”%ether1″. The new default route should immediately become active and you can use /tool trace ipv6.google.com to confirm your IPv6 connectivity on OVH’s network (assuming you have a working resolver configuration in place ;).

Good luck!

Leave a Reply

Your email address will not be published. Required fields are marked *

Anti-Spam by WP-SpamShield

anemotropism-bangalay