Laine, many thanks for such a detailed reply.
On 06/29/2016 08:55 PM, Laine Stump wrote:
* Beyond that, I think it would make more sense to have the option
defined in the <ip> element for the IPv6 address rather than at the
toplevel
Why may we need it? We are talking about isolated networks, so what is
the need for a gateway if all guests are in the same subnet? This is
just what you fixed in a related commit
013427e6e733f7a662f4e8a9c11f7dad4cd65e3f.
As I understand, the difference to IPv4 is that IPv6 RA cannot have
empty default gateway. The link-local address of the source of RA is
implicitly considered a gateway. And the only thing you can do is to set
its lifetime to 0 to disable it.
It occured to me that these fixes can be treated as an extension of
aforementioned commit,
and we should just add "ra-param=*,0,0" to dnsmasq config if we have a
new enough version.
(I know there is already an option called "ipv6" at the toplevel, but
that is a special case because it's telling what to do wrt IPv6 when
there *aren't any* ipv6 <ip> elements in the network definition). A
question: would it be possible to set multiple IPv6 addresses, and
mark one of them as the default? If so, how would that be configured?
From "man dnsmasq":
"When RA is enabled, dnsmasq will advertise a prefix for each
dhcp-range, with default router and recursive DNS server as the
relevant link-local address on the machine running dnsmasq."
So it looks like this is impossible, at least for dnsmasq (I have not
manage to make it work).
A little of googling gave me that radvd supports default route, but it
is not the case.
* When you're checking for whether or not dnsmasq is able to support
the option you're using, you base this on a dnsnasq version number. Is
there any chance that the necessary info could be learned from the
output of dnsmasq --help? Would it be adequate to just check for the
presence of the string "--ra-param=" in the help output? This is
already done to check for dnsmasq's use of SO_BINDTODEVICE - see
dnsmasqCapsSetFromBuffer(). I'm guessing you based your addition on
the existing code for DNSMASQ_DHCPv6_SUPPORT() and
DNSMASQ_RA_SUPPORT(), but I think those were probably put in before
the patches that added parsing of --help output to learn dnsmasq
capabilities.
OK
--
Your sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list