[libvirt] [PATCH 0/3] Add option to selectively enable IPv4/v6 forwarding

[Benjamin Cama]

Hi,

Currently, when IP forwarding is enabled in a network element, libvirt enables
forwarding for IPv4/v6 on the OS if the bridge has some IP address of that
family. In some circumstances, one could only want forwarding for one family
and not the other, even if both address families are present; for example,
forwarding only IPv6 but still have some RFC1918 addresses on the “local”
network as a backup stack, or playing with IPv6 using (not forwarded) ULA
addresses, having some IPv4 NATed forwarding, without loosing IPv6 connectivity
because enabling it will disable auto-configuration (my case).

This patch adds a new optional "family" attribute to the "forward" element,
allowing selective forwarding: it can be set to "ipv4" or "ipv6". If not
present, the usual behavior of libvirt is kept, forwarding trafic for whichever
family there is an address on the bridge.

The first patch also remove libvirt's ability to set forwarding; I think it
should only check for it, letting the administrator enable it the usual way
(/etc/sysctl.conf or wathever) if he really wants it. In my case, this behavior
caused me to loose IPv6 connectivity when adding some ULA addresse to my VMs
bridge, because IPv6 forwarding was enabled in my back.

Regards,

Benjamin Cama (3):
  Only check for IP forwarding, do not enable it
  Add a "forward family" option
  Take the forwarding family into account

 src/conf/network_conf.c     |   58 ++++++++++++++++++++++++++++++-
 src/conf/network_conf.h     |    1 +
 src/network/bridge_driver.c |   81 +++++++++++++++++++++++++++++++++---------
 3 files changed, 121 insertions(+), 19 deletions(-)

-- 
1.7.2.5