网卡部分
vmbr1是内部的网桥,这里给他添加了ipv6地址作为网管
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!
auto lo
iface lo inet loopback
iface enp1s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 51.158.*
netmask 24
gateway 51.158.*
bridge-ports enp1s0
bridge-stp off
bridge-fd 0
auto vmbr1
iface vmbr1 inet static
address 192.168.1.1
netmask 24
bridge-ports none
bridge-stp off
bridge-fd 0
iface vmbr1 inet6 static
address 2001:bc8:*:c800::
netmask 56
vmbr1的NAT转发
iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERA
添加一个新的ipv6地址到vmbr0
ip -6 a a 2001:bc8:*:c800::cafe/56 dev vmbr0
iptables转发内部端口
iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 10689 -j DNAT --to 192.168.1.106::3389
小鸡ipv6的外部访问
ip -f inet6 neigh add proxy 2001:bc8:*:c800::cafe:103 dev vmbr0 ip -f inet6 route add 2001:bc8:*:c800::cafe:103 dev vmbr1
lxc小鸡nat+ipv6的网卡设置,小鸡的ipv6是随便写的,我这里设置的尾数和小鸡编号一样
母鸡的vmbr1
这里要注意小鸡的ipv6和ipv4网关要和vmbr1对应
https://www.hostloc.com/thread-608541-1-1.html
