CloudLinux 8 server lacks IPv6 Default Gateway

Question

I run CloudLinux 8 with cPanel, and I followed the guide at https://docs.cpanel.net/knowledge-base/general-systems-administration/how-to-get-started-with-ipv6/#add-a-single-ipv6-address-to-your-server and added the following to /etc/sysconfig/network-scripts/ifcfg-eth0:

IPV6INIT=yes
IPV6ADDR=2602:fe90:200:55::2/128
IPV6_DEFAULTGW=2602:fe90:200:55::1

I then ran service network restart however the IPv6 IP does not respond to external ping requests (it does respond from the server itself).

I noticed that no default gateway shows up, and I cannot figure out why that would be.

ip -6 ro
unreachable ::/96 dev lo metric 1024 pref medium
unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 pref medium
unreachable 2002:a00::/24 dev lo metric 1024 pref medium
unreachable 2002:7f00::/24 dev lo metric 1024 pref medium
unreachable 2002:a9fe::/32 dev lo metric 1024 pref medium
unreachable 2002:ac10::/28 dev lo metric 1024 pref medium
unreachable 2002:c0a8::/32 dev lo metric 1024 pref medium
unreachable 2002:e000::/19 dev lo metric 1024 pref medium
2602:fe90:200:55::2 dev eth0 proto kernel metric 256 pref medium
unreachable 3ffe:ffff::/32 dev lo metric 1024 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium

Note that the outputs above have been adjusted for privacy reasons and do not represent the actual IPv6 space assigned to this server.

Answer 1

Blogs and tutorials are not always completely accurate.

Because a a /128 netmask is used on the address, no LAN route that would have provided a route to the gateway could be automatically added by the kernel. So no route to 2602:fe90:200:55::1 exists. Adding a route relying on the unreachable 2602:fe90:200:55::1 fails like below:

# ip address add 2602:fe90:200:55::2/128 dev eth0
# ip route add default via 2602:fe90:200:55::1 dev eth0
RTNETLINK answers: No route to host

There are at least three ways to have this working. I'm describing things manually first, and will show what can be configured using RHEL's ifcfg-style configuration later.

1. explicit route to the gateway first

   # ip address add 2602:fe90:200:55::2/128 dev eth0
   # ip route add 2602:fe90:200:55::1/128 dev eth0
   # ip route add default via 2602:fe90:200:55::1 dev eth0
   

2. or else, point-to-point/peer address

   So the kernel adds a route to the "peer" which will be the gateway

   # ip address add 2602:fe90:200:55::2 peer 2602:fe90:200:55::1/128 dev eth0
   # ip route add default via 2602:fe90:200:55::1 dev eth0
   

3. or else, on-link route

   This tells that the route can be created without having to be validated by a preexisting route.

   # ip address add 2602:fe90:200:55::2/128 dev eth0
   # ip route add default via 2602:fe90:200:55::1 dev eth0 onlink
   

   The single route added is also correct to reach the gateway itself.

---

CloudLinux is based on CentOS which is based on (or is upstream of...) RHEL. I don't have access to any CloudLinux nor did I find any specific CloudLinux documentation about ifcfg-style network configuration. This configuration is also deprecated in RHEL 8 which suggests to use NetworkManager instead, but it's still available and OP still uses it.

Within the ifcfg-style network configuration, method 2. appears impractical. Methods 1. or 3. can be implemented with the additional configuration file /etc/sysconfig/network-scripts/route6-eth0. For IPv6 only the ip route-style syntax is supported: it will reflect ip route commands above.

In both cases remove the parameter IPV6_DEFAULTGW in ifcfg-eth0: it will be handled by route6-eth0 instead.

1. explicit route to the gateway first

   route6-eth0:

   2602:fe90:200:55::1/128 dev eth0
   default via 2602:fe90:200:55::1 dev eth0
   

2. skipped

3. or else on-link route

   route6-eth0:

   default via 2602:fe90:200:55::1 dev eth0 onlink
   

Tested on CentOS7 without NetworkManager and CentOS8 with and without NetworkManager. NM might use additional settings that would need change (such as removing the use of automatic routes).

Setting 1. should probably be be chosen for maximum compatibility. If NM is present, once its configuration is reloaded, it will automatically convert the configuration as needed.