[libvirt] Need to re-work final "peer address" patches and re-push them

Thu May 12 19:17:45 UTC 2016

On 05/12/2016 04:41 AM, Daniel P. Berrange wrote:
> On Thu, May 12, 2016 at 10:31:34AM +0200, Andrea Bolognani wrote:
>> Is there any real chance the "prefix" attribute will need to be specified
>> for the host as well? Because in that case we would clearly have to go
>> with "hostPrefix", and using "host" instead of "hostAddress" would look
>> quite ugly.
> Both IP addresses are required to be in the same subnet and thus have
> the same prefix

If 20 year old memories serve me correctly, the local and remote side of 
a point-to-point link can be on completely different networks (and the 
simple experiment I was able to do with ifconfig just now showed that it 
accepts such a setup - see below). The entire point (haha) of a 
point-to-point link is that there is only a single IP at the other end 
(unless additional routes are setup), and even ARP isn't necessary (or 
even possible on some media, e.g. PPP).

But as far as I've been able to figure out so far, it's a bit different 
when you set a peer IP address on an ethernet interface - the result of 
doing this is that the local IP is set as you'd expect, the POINTOPOINT 
flag isn't set (I haven't found any way to set this with an existing 
shell command), and the "direct" route that's added to the routing table 
is for the network of the *peer* address combined with the prefix 
(normally the direct route added for an ethernet is for the subnet 
containing the *local* address). For example, when I give this command:

   ifconfig p4p2_3 1.2.3.4 pointopoint 5.6.7.8 netmask 255.255.255.0

I end up with only a single new entry in the routing table:

Destination     Gateway         Genmask         Flags   MSS Window  irtt 
Iface
5.6.7.8         0.0.0.0         255.255.255.0 U         0 0          0 
p4p2_3
^^^^^^^^
(NOTE - *not* 1.2.3.0)

I don't have anything connected for the other end, but when I "ping 
5.6.7.8" (or "5.6.7.24"), I see ARP requests for 5.6.7.8 going out on 
p4p2_3.(If I set netmask to 255.255.255.255, it of course only ARPs for 
5.6.7.8)

So we've established that the local and peer addresses don't need to be 
on the same subnet. And since the guest-side will be seeing the 1.2.3.4 
network as peer, it *could* have a different prefix (maybe the host side 
wants to see the guest as 5.6.7.8/32 (single host), but the guest wants 
to see the host as 1.2.3.4/8). So I think Andrea has a valid point (and 
maybe this is another indicator that the address info for the two ends 
should be in separate elements; definitely it shows that the guest side 
and host side should be allowed to have different prefixes).

The place where this could be most useful is on an lxc <interface 
type='ethernet'>, where libvirt is able to do the IP config for both the 
guest and the host side of the veth pair. Rather than continue to spout 
off about it, I'm going to try and do some experiments over the next few 
days (in between [life]) and see what happens. Hopefully I can get back 
to the list within a day or two with something less speculative.