[libvirt-users] Privacy Extension not working in VM

[Thomas Luening]

Hello @ all

With the rebuilding of my Server from Debian 9 to Debian 10, I also 
switch from Virtual Box to Libvirt/KVM. Due to new requirements for the 
VMs, now I have an actual problem, which unfortunately I can not solve. 
The problem has already been discussed in the German Debian-Forum ... 
unfortunately also without success.

The facts:
- ISP = Dual Stack with daily separation
- Host and VM = Debian 10
- The VMs are via macvtap-device regular LAN-Clients
   - IPv4 = DHCP and NAT by DSL-Router
   - IPv6 = GUA via RA and SLAAC (2003::/3)
- IPv4 works fine in the VM
- IPv6 (NDP, RA, SLAAC) works basically also fine in the VM

The existing problem in the VM:
- MAC-Based GUA (2000::/3) is ok, both inbound and outbound

- Outbound traffic via the second GUA (PE-Based) is filtered apparently,
   but not via packetfiltering, I don't know where. There are no error
   messages. On the part of the kernel in the VM and the IPv6-stack,
   everything looks completely ok, no error messages, except that
   Outbound-Traffic by the PE-Address is quietly blocked. The MAC-
   Based IPv6 works unchanged and without error as before.

My questions:
1. Is there a special setting for the VM, to allow the use of Privacy
    Extensions for IPv6 unlimited?
2. Or is that possibly even a known and at the moment unsolved problem?
3. Or is this a intended limitation of virtualization?

Can anyone help me with a solution or a hint? Thank you.

BR, Tom