OpenVPN IPv6 Traffic Not Working - KVM Guest Virtual Machine Running OpenVPN Server Configured to Use Host br0 Bridge

Post by own3mall » Sun Dec 31, 2023 4:17 am

I've been trying to get my OpenVPN server to issue an IPv6 address to a connected client (with the client only having IPv4 available) to allow the client to use IPv6.

I've got an IPv6 /64 range that the host server running KVM guest virtual machines can use (along with its guests via a bridged br0 setup). The guest virtual machine I have the OpenVPN 2.5.x server configured on (Ubuntu 16.04 server) has an IPv6 address of prefix::4 configured on eth0. IPv6 connections to and from this server work fine and route properly.

When I follow the IPv6 guide, I'm unable to make resolving or connecting to any IPv6 addresses work.

Here is my server.conf file:

Server Config

port 1194
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "dhcp-option DNS6 2001:4860:4860::8888"
push "dhcp-option DNS6 2001:4860:4860::8844"
keepalive 10 120
cipher AES-256-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
server-ipv6 2f82:8340:1:fe09:8000::/65
push "route-ipv6 2000::/3"
push "redirect-gateway ipv6 def1 bypass-dhcp"


My range (modified for this example for security purposes) is 2f82:8340:1:fe09::/64

Any idea how to get this to work?

Connected clients get an IPv4 and IPv6 address in that range, but only IPv4 connections work. All IPv6 connections time out from the client.

IPv6 forwarding is enabled on the KVM guest running the OpenVPN server.

I've looked at countless forum threads regarding IPv6 not working, and I just can't figure it out. I think it must have something to do with KVM adding additional layers to how IPs are routed / shared between the guest virtual servers.

Is there something I need to do in my interfaces file on Ubuntu to reserve this block of IPv6 addresses [from the split netblock configuration section] (even though I've configured nothing to use more than ::4 in the /64 range)? Any help would be appreciated.

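Added example, not part of own3mall's post and not OpenVPN's own code: a Python check of the layout described above, where the server-ipv6 pool is a /65 taken from the same /64 that is on-link on br0. It assumes (the thread does not confirm this) that the upstream router treats the whole /64 as on-link, in which case client addresses are resolved by neighbour discovery on the bridge rather than routed to the VPN guest; the function names and finding codes are made up for the example.

```python
import ipaddress

# Constructed input: the IPv6-related lines of the server.conf posted above.
SERVER_CONF = """\
server-ipv6 2f82:8340:1:fe09:8000::/65
push "route-ipv6 2000::/3"
push "redirect-gateway ipv6 def1 bypass-dhcp"
"""
ON_LINK = "2f82:8340:1:fe09::/64"    # the /64 shared over br0, from the post
SERVER_ADDR = "2f82:8340:1:fe09::4"  # prefix::4 on the guest's eth0

def directive_args(conf, name):
    """Arguments of the first `name` directive in an OpenVPN config, or None."""
    for line in conf.splitlines():
        parts = line.split("#", 1)[0].split()
        if parts and parts[0] == name:
            return parts[1:]
    return None

def check_split_netblock(conf, on_link, server_addr):
    """Return (code, message) findings on how the VPN pool relates to the LAN prefix."""
    args = directive_args(conf, "server-ipv6")
    if not args:
        return [("no-pool", "no server-ipv6 directive, clients get no IPv6 address")]
    pool = ipaddress.ip_network(args[0])   # raises ValueError if host bits are set
    link = ipaddress.ip_network(on_link)
    findings = []
    if ipaddress.ip_address(server_addr) in pool:
        findings.append(("server-addr-in-pool",
                         f"{server_addr} on eth0 collides with the VPN pool {pool}"))
    if pool.subnet_of(link):
        # Assumption: upstream treats all of `link` as on-link, so it resolves
        # client addresses with neighbour discovery instead of routing to the guest.
        findings.append(("pool-inside-on-link",
                         f"{pool} is part of on-link {link}: answer NDP for client "
                         "addresses on eth0 (proxy_ndp) or get the pool routed to the guest"))
    elif pool.overlaps(link):
        findings.append(("pool-covers-link", f"{pool} contains the LAN prefix {link}"))
    return findings

if __name__ == "__main__":
    for code, message in check_split_netblock(SERVER_CONF, ON_LINK, SERVER_ADDR):
        print(f"[{code}] {message}")
```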