[libvirt] need help: what should be supported?

Gene Czarcinski gene at czarc.net
Thu Apr 18 19:08:36 UTC 2013


On 04/18/2013 11:27 AM, Laine Stump wrote:
> On 04/18/2013 09:08 AM, Gene Czarcinski wrote:
>> I need some help/guidance as to what networking characteristics should
>> be supported by libvirt.  Mostly, I am asking what should be valid for
>> a prefix.
>>
>> For IPv4:
>>
>> The prefix can theoretically range from 0 to 32.  Typically, the
>> values of 8, 16 or 24 is used.  For an IP specification, should I be
>> able to specify prefix=32 (netmask 255.255.255.255)?  This is not a
>> network specification but one for a specific guest-host ... but, what
>> will the virtualization host have for the address on this interface?
>>
>> Proposed: prefix (or equivalent netmask) must be
>>      8 < prefix < 29
> Are you talking about validating the prefix for <ip> elements, or your
> new <route> elements? I think that for <route> elements that anything
> between 0 and the number of bits in the address should be accepted. If
> you put an artificial limit on it, you can be sure that someone will
> come along who wants to exceed the limit.
>
> For <ip> elements it's a bit more up in the air. Limiting the range of
> prefix for either IPv4 or IPv6 may warn about some potential
> misconfigurations, but I'm not sure how important it is.
>
> Does /usr/sbin/ip have any limits about netmask/prefix?
>
>> For IPv6:  Similar to IPv4 but the range is (theoretically) 0 to 128.
>> However, DHCPv6 and RA will **ONLY** work for prefix=64 ... nothing
>> greater and nothing less.
> Nothing says that all libvirt networks must support/use DHCPv6 or RA
> (although that will very likely be the most common scenario).
>
>
>
>>    For an network on an interface which is visible to the
>> virtualization host, it must have an address for the host;  therefore,
>> prefix <127.  I am not sure what an IP definition with prefix=0 means
>> for a libvirt virtual network.
>>
>> Proposed: Prefix=64 for DHCPv6 and/or RA support.  For other network
>> addresses (such as static route),
>>      7 < prefix <= 64.
>>
>> Most IPv6 software does not appear to handle subnets where prefix > 64
>> except for prefix=128 for a specific host address.
>
> Which software are you talking about?
>
>
>> That is not to say that prefix <64 prefix < 128 could not have a
>> meaning and be useful.  But, if supported, how should it be specified
>> so that user problems are minimized ... or do we just support it and
>> what happens is a user problem?
OK, for now any prefix is a good prefix (except for the 32 and 128 
max-values).  However, if I understand what the standards say about IPv6 
(no a given), subclassing below prefix=64 was very much "a bad thing to 
do" even if, personally, I don't see the problem.

Gene




More information about the libvir-list mailing list