[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] IPV6 and routing

As I have mentioned in other messages, I am interested in having full support for IPv6 in libvirt. To me this includes having dhcp6 for IPV6 address assignment and using RA (radvd) to establish the default route. This is what I am using on my real LANs.

Before starting into adding dhcp6 support to libvirt, I wanted to see just how it works with the current software. First of all, it appears that, when nat or routed are specified for IPv4, the IPv6 is routed. If it is an isolated/private network, then it can only work with other guests on that network. The iptables and ip6tables settings corresponded and were as expected. On the virtualization host, both IPv4 and IPv6 forwarding are enabled.

While I can easily do stuff like ping6 and ssh -6 from virtual guests to the virtualization host, I have been unable to do anything with external hosts ... unless I add a static route for the virtual IPv6 network on the target host back to the virtualization host. This is the only way I have gotten anything to work. To complicate things, it seem that "everything" wants the IPv6 network to have prefix=64 or things do not work correctly.

The real systems use fd00:dead:beef:17::/64 for their network. The virtual networks all use fd00:face:17:xx::/64 for their networks.

The network traffic on the virtualization host is forwarded to the target host ... I can see the packets with wireshark on the target host.

On the target host I tried specifying a static route for network fd00:face:17::/48 ... well, that really screwed things up, resulted in some "redirects" from the virtualization host saying the that it was sent a malformed packed ... it took a reboot to clean things up.

OK, so leave the fd00:face:17:6::/64 static route on the target host but subnetwork this network on the virtualization host using networks like fd00:face:17:6:8::/80 and fd00:face:6:9::/80. This works if I manually configure IPv6 on the virtual guest. Since radvd is "upset" by a non-prefix=64 network, I was not surprised when the guest's automatic IPv6 address/network was not configured.

OK, what am I missing?  What don't I understand?

If IPv6 is going to be useful in virtualization, then there must be some "easy" way to have other systems understand that the virtualization host is acting as a router for the virtual IPv6 networks it runs. While being able to go between the virtualization hosts and the virtual guests is very useful, I do not consider this sufficient.

I have googled and found some stuff as well as reading more RFCs than I wanted to but I cannot find anything to address this issue.

IIRC, I did find something under a libvirt document that indicates "routed" will be used for some kind of subnetworking.

Does libvirt need an IPv6 "NAT" to make this work?

Comments?  Suggestions?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]