[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt-users] NWFilter and IPv6

On 11/26/2012 10:41 AM, Laine Stump wrote:
On 11/07/2012 03:22 AM, Guido Winkelmann wrote:

Libvirt's nwfilter ships a number of useful filter scripts by default, but
none to handle IPv6 traffic. Is there a particular reason for that, or is that
just because nobody has got around to that yet?
Hi Guido! I just saw this message you sent to the list a couple weeks ago.

Stefan Berger can confirm, but I believe the answer is the latter -
nobody has gotten around to it. I'm sure patches would be greatly
appreciated :-)

Yes, patches would be appreciated. The IP address detection methods may also need to be extended for IPv6 support. One problem I want to mention, though: A bigger problem would be if a machine wanted to use IPv4 and IPv6 (dual stack) and use DHCP for both , which in effect would result in two variables that need to have values detected which in turn would require partial instantiation of filters (since one variable may not have a value assigned while the other has), which does not currently work...

Also as I recall for IPv4 the ARP-equivalent is NDP (Neighbor Discovery Protocol based on ICMPv6), which may need support in ebtables. At least a while ago there was no support for filtering that NDP subset of ICMPv6 in ebtables.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]