diff --git a/pkg/runner/lxc-helpers-lib.sh b/pkg/runner/lxc-helpers-lib.sh
index da71f88..54f12b7 100755
--- a/pkg/runner/lxc-helpers-lib.sh
+++ b/pkg/runner/lxc-helpers-lib.sh
@@ -7,6 +7,7 @@ LXC_SELF_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 LXC_BIN=/usr/local/bin
 LXC_CONTAINER_CONFIG_ALL="unprivileged lxc libvirt docker k8s"
 LXC_CONTAINER_CONFIG_DEFAULT="lxc libvirt docker"
+LXC_IPV6_PREFIX_DEFAULT="fc15"
 
 : ${LXC_SUDO:=}
 : ${LXC_CONTAINER_RELEASE:=bookworm}
@@ -372,12 +373,14 @@ function lxc_apt_install_inside() {
 function lxc_install_lxc() {
     local name="$1"
     local prefix="$2"
+    local prefixv6="$3"
 
-    lxc_container_inside $name lxc_install_lxc_inside $prefix
+    lxc_container_inside $name lxc_install_lxc_inside $prefix $prefixv6
 }
 
 function lxc_install_lxc_inside() {
     local prefix="$1"
+    local prefixv6="${2:-$LXC_IPV6_PREFIX_DEFAULT}"
 
     local packages="make git libvirt0 libpam-cgfs bridge-utils uidmap dnsmasq-base dnsmasq dnsmasq-utils qemu-user-static lxc-templates debootstrap"
     if test "$(lxc_release)" = bookworm ; then
@@ -398,6 +401,10 @@ LXC_NETMASK="255.255.255.0"
 LXC_NETWORK="$prefix.0/24"
 LXC_DHCP_RANGE="$prefix.2,$prefix.254"
 LXC_DHCP_MAX="253"
+LXC_IPV6_ADDR="$prefixv6::216:3eff:fe00:1"
+LXC_IPV6_MASK="64"
+LXC_IPV6_NETWORK="$prefixv6::/64"
+LXC_IPV6_NAT="true"
 EOF
 	systemctl start lxc-net
     fi
diff --git a/pkg/runner/lxc-helpers.sh b/pkg/runner/lxc-helpers.sh
index 8ced7ef..cddc5a2 100755
--- a/pkg/runner/lxc-helpers.sh
+++ b/pkg/runner/lxc-helpers.sh
@@ -32,6 +32,9 @@ DESCRIPTION
    destroy LXC containers. A container is created from a copy of an
    existing container.
 
+   The LXC network is configured to provide a NAT'ed IP address (IPv4
+   and IPv6) to each container, in a configurable private range.
+
 CREATE AND DESTROY
 
    lxc_prepare_environment
@@ -92,12 +95,13 @@ ACTIONS IN THE CONTAINER
    there is an equivalent function lxc_something_inside that can be called from inside
    the container.
 
-   lxc_install_lxc `name` `prefix`
-   lxc_install_lxc_inside `prefix`
+   lxc_install_lxc `name` `prefix` [`prefixv6`]
+   lxc_install_lxc_inside `prefix` [`prefixv6`]
 
       Install LXC in the `name` container to allow the creation of
       named containers. `prefix` is a class C IP prefix from which
-      containers will obtain their IP (for instance 10.40.50).
+      containers will obtain their IP (for instance 10.40.50). `prefixv6`
+      is an optional IPv6 private address prefix that defaults to fc15.
 
    lxc_container_run `name` command [options...]