[libvirt] [PATCHv2 0/2] disable default gateway in IPv6 RA for isolated networks
Maxim Perevedentsev
mperevedentsev at virtuozzo.com
Fri Jul 1 11:50:16 UTC 2016
In case of DHCPv6 in isolated network, we start dnsmasq
which sends Router Advertisements (RA). If RA containts no gateway
then the link-local address of the source of RA is considered
a gateway (and guest installs a corresponding default route).
If a guest has two network interfaces (public and isolated network)
and the user installs a default route through "public" interface,
the guest will have something like
default via fe80::ffff:1:1 dev eth2 metric 1024
default via fe80::5054:ff:fe0a:d808 dev eth3 proto ra metric 1024 expires 1789sec
RA route metric may vary, and it is preferred.
The validity of default route is controlled by
"default [route] lifetime" field in RA. If it is 0, then
the default gateway announced is considered invalid,
and no default route is installed into guest.
dnsmasq 2.67+ supports "ra-param=<interface>,<RA interval>,<default lifetime>"
option. We can pass "ra-param=*,0,0" (here, RA_interval=0 means default)
to disable default gateway in RA.
This patchset adds detection for "ra-param" in dnsmasq and
sets "ra-param=*,0,0" for isolated network if dnsmasq supports it.
Maxim Perevedentsev (2):
Fix message about dnsmasq BINDTODEVICE capability.
dnsmasq: disable IPv6 default gateway in RA for isolated networks
src/network/bridge_driver.c | 7 +++++++
src/util/virdnsmasq.c | 8 ++++++--
src/util/virdnsmasq.h | 1 +
3 files changed, 14 insertions(+), 2 deletions(-)
--
1.8.3.1
More information about the libvir-list
mailing list