On Fri, 2007-03-02 at 17:15 +0000, Daniel P. Berrange wrote:
> On Mon, Feb 26, 2007 at 04:09:58PM +0000, Mark McLoughlin wrote:
> > So, we want to install a default network which guests can connect to.
> > This can be seen as e.g. a replacement for xenbr0 as the default bridge
> > for xen guests.
>
> > 2) IP address choice - I've randomly chosen 192.168.122.1/24 as the
> > IP address for the network, and this could happen to clash with
> > an existing network.
>
> Oh, the default network needs to provide IPv6 support out of the box
> too - whatever that entails ?
Right, whatever that entails :-)
So, we had two primary motivations for creating virtual networks:
1) Offline support - i.e. support inter-domain communication even
when offline
2) Network switching - e.g. switching your laptop between different
wireless networks
However, with IPv6, the combination of link-local addresses, address
auto-configuration and network renumbering should largely eliminate
these problems.
The conclusion then is that you mostly do want bridging with IPv6 -
i.e. you want to bridge all guests onto your physical network whereby
they will auto-configure using router advertisements on the physical
link.
One could imagine us allowing IPv6 virtual networks, where Dom0 acts as
a proper IPv6 router advertising a delegated prefix to guest domains,
but I'm not sure why that would be useful to people.
The question, though, is how to make IPv6 available to guests which are
connected to a virtual network out of a need for e.g. offline support.
You still want NAT etc. for IPv4, but what to do about IPv6?
The analogy, I think, is what would happen if your DSL provider
statically allocated an IPv6 prefix to you while still also dynamically
allocating an IPv4 address to you. You want to NAT IPv4 traffic using
the IPv4 address, but you want your IPv6 traffic to be bridged to the
IPv6 over PPP link in order to e.g. get router advertisements from the
ISP end.
That leads to the rather ugly conclusion that we should bridge IPv6
traffic from the virtual network to the physical interface, while still
forwarding IPv4 traffic using NAT.
In order to do that, we're going to need a) "shared physical interface"
configuration i.e. a per-interface flag that determines whether other
interfaces are allowed to bridge to it, b) an ipv6-only loopback
interface for connecting the virtual network's bridge to the shared
physical interface's bridge and c) a way for libvirtd to automatically
switch the the virtual network's bridge to the currently active physical
interface.
That's all pretty far out stuff. In the mean time, I think all we can
do is add an "ipv6 enabled" flag which would just ensure that the
virtual networks interface in Dom0 has a link-local address.
Any thoughts on all this are most welcome.
Cheers,
Mark.