[libvirt] [PATCH v2 0/5] Prevent losing IPv6 routes due to forwarding

Yalan Zhang yalzhang at redhat.com
Wed May 10 05:30:15 UTC 2017 

Hi Cédric,

您好 :)
I'm sorry that I missed the mail.
But currently I can not reproduce it.
For the error by net-create, it is executed when I set accept_ra to 1.

I have just test on libvirt-3.2.0-4.el7.x86_64, the behavior changes, it
seems like there is no check for accept_ra before start a network with ipv6.

1. define and start a network with ipv6 settings
# virsh net-dumpxml default6
<network>
  <name>default6</name>
  <uuid>c502d02c-fbd0-49d9-91e4-0fcf0ef159d0</uuid>
  <forward mode='nat'/>
  <bridge name='virbr4' stp='on' delay='0'/>
  <mac address='52:54:00:04:d5:3c'/>
  <ip address='192.168.10.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.10.2' end='192.168.10.254'/>
    </dhcp>
  </ip>
  <ip family='ipv6' address='2001:db8:ca2:2::1' prefix='64'>
    <dhcp>
      <range start='2001:db8:ca2:2:1::10' end='2001:db8:ca2:2:1::ff'/>
    </dhcp>
  </ip>
</network>

# cat /proc/sys/net/ipv6/conf/enp0s25/accept_ra
1

# virsh net-start default6   =====> the network can start as well with
accept_ra=1
Network default6 started

It seems that the "virNetDevIPGetAcceptRA()" in patch  "network: check
accept_ra before enabling ipv6 forwarding" with commit 00d28a78 is not
executed when I start a network. Please help to check, Thank you.









Best Regards,
Yalan Zhang
IRC: yalzhang
Internal phone: 8389413

On Tue, Apr 18, 2017 at 5:54 PM, Cedric Bosdonnat <cbosdonnat at suse.com>
wrote:

> Yalan 你好
>
> On Mon, 2017-04-17 at 17:30 +0800, Yalan Zhang wrote:
> > I have tested it, it works well. But the interface name will repeat 2
> times.
> > Please help to confirm this, and if below test for a single port host is
> enough?
> >
> > # cat /proc/sys/net/ipv6/conf/enp0s25/accept_ra
> > 1
> >
> > enable network default with ipv6 ip section
> >
> > # virsh net-start default
> > error: Failed to start network default
> > error: internal error: Check the host setup: enabling IPv6 forwarding
> with RA routes without accept_ra set to 2 is
> > likely to cause routes loss. Interfaces to look at: enp0s25, enp0s25
>
> Just to help me confirm my intuition: do you have several RA routes defined
> for the same device?
>
> > # echo 2 > /proc/sys/net/ipv6/conf/enp0s25/accept_ra
> >
> > # virsh net-start default
> > Network default started
> >
> > try create:
> >
> > # virsh net-create default.xml
> > error: Failed to create network from default.xml
> > error: internal error: Check the host setup: enabling IPv6 forwarding
> with RA routes without accept_ra set to 2 is
> > likely to cause routes loss. Interfaces to look at: enp0s25, enp0s25
>
> This one sounds weird: if the accept_ra is set to 2 as you report you did,
> you shouldn't get that error.
>
> --
> Cedric
>
> > On Wed, Mar 15, 2017 at 10:45 PM, Cédric Bosdonnat <cbosdonnat at suse.com>
> wrote:
> > > Hi Laine, all,
> > >
> > > Here is the v2 of my series. The changes are:
> > >
> > >  * Add a commit to create a virNetDevGetName() function
> > >  * Fix Laine's comments
> > >
> > > Cédric Bosdonnat (5):
> > >   util: extract the request sending code from virNetlinkCommand()
> > >   util: add virNetlinkDumpCommand()
> > >   bridge_driver.c: more uses of SYSCTL_PATH
> > >   util: add virNetDevGetName() function
> > >   network: check accept_ra before enabling ipv6 forwarding
> > >
> > >  src/libvirt_private.syms    |   3 +
> > >  src/network/bridge_driver.c |  25 ++++---
> > >  src/util/virnetdev.c        |  19 ++++++
> > >  src/util/virnetdev.h        |   2 +
> > >  src/util/virnetdevip.c      | 158 ++++++++++++++++++++++++++++++
> ++++++++++++++
> > >  src/util/virnetdevip.h      |   1 +
> > >  src/util/virnetlink.c       | 145 ++++++++++++++++++++++++++++++
> ----------
> > >  src/util/virnetlink.h       |   9 +++
> > >  8 files changed, 319 insertions(+), 43 deletions(-)
> > >
> > > --
> > > 2.11.0
> > >
> > > --
> > > libvir-list mailing list
> > > libvir-list at redhat.com
> > > https://www.redhat.com/mailman/listinfo/libvir-list
> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20170510/0e2c37ab/attachment-0001.htm>

More information about the libvir-list mailing list