Basics
Linux comes with a feature called NDP proxying. You can declare a list of IP addresses to answer neighbor solicitation requests for, and the system will answer them for you, allowing you to receive packets for them.
First, you have to enable this feature by setting the sysctl
option net.ipv6.conf.all.proxy_ndp
to 1
. You can do this by adding the following line to /etc/sysctl.conf
(or whatever the equivalent on your system is):
net.ipv6.conf.all.proxy_ndp = 1
Once you do this, run sysctl -p
as root to activate it immediately.
Then, for every IP address you wish the VPS to route, you have to run:
ip -6 neigh add proxy <ip> dev <interface>
For example, if you want to answer for 2001:db8::2
on eth0
, run:
ip -6 neigh add proxy 2001:db8::2 dev eth0
Afterwards, your server will tell your external router, connected to eth0
, that it should receive packets for 2001:db8::2
. Your server now routes the traffic properly!
Persistent configuration
Create an executable script /etc/networkd-dispatcher/routable.d/90-proxy-ndp
:
#!/bin/sh
if [ "$IFACE" = "eth0" ]; then
ip -6 neigh add proxy 2001:db8::2 dev eth0
# ...
fi
exit 0
and configure /etc/sysctl.conf
to enable proxy_ndp
.
net.ipv6.conf.all.proxy_ndp = 1
If you enabled UFW on the server, you need to add routing rules with ufw route RULE
.