OpenVPN server: IPv6

DL6ER edited this page Jan 26, 2017 · 4 revisions

Full article:

This optional section walks through providing IPv6 connectivity outside and inside the tunnel.

Optional: IPv6 outside the tunnel

To connect to your server over ipv6 (ipv6 transport) use this on both sides, e.g.

proto udp6

Optional: IPv6 inside the tunnel

In this document, we'll assume you have the following from the OpenVPN server's viewpoint:

  • The OpenVPN server has an IPv6 IP of 2001:db8:0:abc::100/64 on its LAN interface
  • The following block is routed to the OpenVPN server host: 2001:db8:0:123::/64

Note: This section is work in progress

Edit /etc/sysctl.conf

# Uncomment the next line to enable packet forwarding for IPv6
#  Enabling this option disables Stateless Address Autoconfiguration
#  based on Router Advertisements for this host

Add the following to a functioning OpenVPN config:

server-ipv6 2001:db8:0:123::/64

Pushing routes over the tunnel works much like it does in IPv4, but you use push "route-ipv6 NETWORK/CIDR".

To redirect all Internet-bound traffic, use the current allocated public IP space like this:

push "route-ipv6 2000::/3"
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.