On 01.07.2016 14:50, Maxim Perevedentsev wrote:
In case of DHCPv6 in isolated network, we start dnsmasq which sends Router Advertisements (RA). If RA containts no gateway then the link-local address of the source of RA is considered a gateway (and guest installs a corresponding default route). If a guest has two network interfaces (public and isolated network) and the user installs a default route through "public" interface, the guest will have something like default via fe80::ffff:1:1 dev eth2 metric 1024 default via fe80::5054:ff:fe0a:d808 dev eth3 proto ra metric 1024 expires 1789sec RA route metric may vary, and it is preferred. The validity of default route is controlled by "default [route] lifetime" field in RA. If it is 0, then the default gateway announced is considered invalid, and no default route is installed into guest. dnsmasq 2.67+ supports "ra-param=<interface>,<RA interval>,<default lifetime>" option. We can pass "ra-param=*,0,0" (here, RA_interval=0 means default) to disable default gateway in RA. This patchset adds detection for "ra-param" in dnsmasq and sets "ra-param=*,0,0" for isolated network if dnsmasq supports it. Maxim Perevedentsev (2): Fix message about dnsmasq BINDTODEVICE capability. dnsmasq: disable IPv6 default gateway in RA for isolated networks src/network/bridge_driver.c | 7 +++++++ src/util/virdnsmasq.c | 8 ++++++-- src/util/virdnsmasq.h | 1 + 3 files changed, 14 insertions(+), 2 deletions(-) -- 1.8.3.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
Pushed now. Thanks! Maxim -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list