Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 3B8A2200C17 for ; Fri, 27 Jan 2017 01:13:43 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 3A0EE160B60; Fri, 27 Jan 2017 00:13:43 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 83B7F160B5E for ; Fri, 27 Jan 2017 01:13:42 +0100 (CET) Received: (qmail 96372 invoked by uid 500); 27 Jan 2017 00:13:41 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 96244 invoked by uid 99); 27 Jan 2017 00:13:41 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 27 Jan 2017 00:13:41 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 62CBCDFF9F; Fri, 27 Jan 2017 00:13:41 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: rajani@apache.org To: commits@cloudstack.apache.org Date: Fri, 27 Jan 2017 00:13:44 -0000 Message-Id: <81f543ffaa9944abb26ce61df62f02fe@git.apache.org> In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [4/4] git commit: updated refs/heads/master to f10c8bf archived-at: Fri, 27 Jan 2017 00:13:43 -0000 Merge pull request #1700 from wido/ipv6-basic-networking CLOUDSTACK-9359: IPv6 for Basic NetworkingThis PR is a proposal for adding very basic IPv6 to Basic Networking. The main goal of this PR is that the API returns a valid IPv6 address over which the Instance is reachable. The GUI will show the IPv6 address after deployment of the Instance. ![screenshot from 2016-10-03 16 34 56](https://cloud.githubusercontent.com/assets/326786/19070024/b06d2de6-8a29-11e6-8fe7-4902e2801ada.png) If the table VLAN has a proper IPv6 CIDR configured the DirectPodBasedNetworkGuru will calculate the IPv6 Address the Instance will obtain using EUI-64 and SLAAC: https://tools.ietf.org/search/rfc4862 In this case the _vlan_ table contained: 
mysql> select * from vlan \G
*************************** 1. row ***************************
                 id: 1
               uuid: 90e0716c-5261-4992-bb9d-0afd3006f476
            vlan_id: vlan://untagged
       vlan_gateway: 172.16.0.1
       vlan_netmask: 255.255.255.0
        description: 172.16.0.10-172.16.0.250
          vlan_type: DirectAttached
     data_center_id: 1
         network_id: 204
physical_network_id: 200
        ip6_gateway: 2001:980:7936:112::1
           ip6_cidr: 2001:980:7936:112::/64
          ip6_range: NULL
            removed: NULL
            created: 2016-07-19 20:39:41
1 row in set (0.00 sec)

mysql>
It will then log: 
2016-10-04 11:42:44,998 DEBUG [c.c.n.g.DirectPodBasedNetworkGuru] (Work-Job-Executor-1:ctx-1975ec54 job-186/job-187 ctx-0d967d88) (logid:275c4961) Found IPv6 CIDR 2001:980:7936:112::/64 for VLAN 1
2016-10-04 11:42:45,009 INFO  [c.c.n.g.DirectPodBasedNetworkGuru] (Work-Job-Executor-1:ctx-1975ec54 job-186/job-187 ctx-0d967d88) (logid:275c4961) Calculated IPv6 address 2001:980:7936:112:4ba:80ff:fe00:e9 using EUI-64 for NIC 6a05deab-b5d9-4116-80da-c94b48333e5e
The template has to be configured accordingly: - No IPv6 Privacy Extensions - Use SLAAC - Follow RFC4862 This is also described in: https://cwiki.apache.org/confluence/display/CLOUDSTACK/IPv6+in+Basic+Networking The next steps after this will be: - Security Grouping to prevent IPv6 Address Spoofing - Security Grouping to filter ICMP, UDP and TCP traffic * pr/1700: CLOUDSTACK-676: IPv6 In -and Egress filtering for Basic Networking CLOUDSTACK-676: IPv6 Basic Security Grouping for KVM CLOUDSTACK-9359: IPv6 for Basic Networking with KVM Signed-off-by: Rajani Karuturi Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/f10c8bfe Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/f10c8bfe Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/f10c8bfe Branch: refs/heads/master Commit: f10c8bfe0c99a762c2606459413a47219614e775 Parents: 4721c53 115d6d5 Author: Rajani Karuturi Authored: Fri Jan 27 05:42:44 2017 +0530 Committer: Rajani Karuturi Committed: Fri Jan 27 05:42:44 2017 +0530 ---------------------------------------------------------------------- api/src/com/cloud/agent/api/to/NetworkTO.java | 31 ++ .../cloud/agent/api/SecurityGroupRulesCmd.java | 7 + .../agent/api/SecurityGroupRulesCmdTest.java | 3 +- debian/control | 2 +- packaging/centos63/cloud.spec | 1 + packaging/centos7/cloud.spec | 1 + .../kvm/resource/LibvirtComputingResource.java | 6 +- ...LibvirtSecurityGroupRulesCommandWrapper.java | 2 +- .../resource/LibvirtComputingResourceTest.java | 11 +- .../xenbase/CitrixRequestWrapperTest.java | 3 +- scripts/vm/network/security_group.py | 323 ++++++++++++++----- .../cloud/hypervisor/HypervisorGuruBase.java | 2 + .../network/guru/DirectPodBasedNetworkGuru.java | 104 +++--- .../security/SecurityGroupManagerImpl.java | 6 +- .../security/SecurityGroupManagerImpl2.java | 2 +- ui/lib/jquery.validate.additional-methods.js | 5 +- ui/scripts/network.js | 4 +- ui/scripts/sharedFunctions.js | 12 +- .../main/java/com/cloud/utils/net/NetUtils.java | 25 ++ .../java/com/cloud/utils/net/NetUtilsTest.java | 27 ++ 20 files changed, 439 insertions(+), 138 deletions(-) ----------------------------------------------------------------------