cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Burwell <>
Subject Re: Results of a IPv6 brainstorm day
Date Thu, 10 Mar 2016 20:15:20 GMT

Curious if you have been able to make any progress on this work. Have you been able to move
it forward? If not, what kind of help would you need?



John Burwell

d:      +44 (20) 3603 0542 | s: +1 (571) 403-2411 <tel:+44%20(20)%203603%200542%20|%20s:%20+1%20(571)%20403-2411>

e: | t: <|%20t:>
    |      w:<>

a:      53 Chandos Place, Covent Garden London WC2N 4HS UK


Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India
LLP is a company incorporated in India and is operated under license from Shape Blue Ltd.
Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under
license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic
of South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is a registered
This email and any attachments to it may be confidential and are intended solely for the use
of the individual to whom it is addressed. Any views or opinions expressed are solely those
of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error.

On Dec 22, 2015, at 5:17 AM, Wido den Hollander <> wrote:
> On 12/22/2015 04:35 AM, Ian Rae wrote:
>> Great to hear, next time I am happy to commit an engineer from CloudOps to
>> participate. We have done quite a bit of work around VPC and also need to
>> solve for IPv6 soon.
>> Thanks for sharing, great initiative/goal and I will make sure the CloudOps
>> team reviews and supports this.
> Great! The first challenge will be to get the core of ACS aware of IPv6.
> Pass IP addresses is InetAddress instead of a String, etc, etc.
> I don't know if a very big team can work on this without very short
> communication between the different people.
> But again, any help is appreciated! We need this to go in.
> Wido
>> On Friday, December 18, 2015, Wido den Hollander <> wrote:
>>> Hi,
>>> Yesterday we from PCextreme, Leaseweb and Schuberg Phillis sat down for
>>> a IPv6 brainstorm session.
>>> We asked a good IPv6 consultant (Sander Steffann) to join us to help us
>>> identify some glitches in our ideas.
>>> We had two ideas:
>>> -
>>> -
>>> Overall, our ideas looked good, our main concern was security grouping.
>>> How to prevent clients from spoofing and such.
>>> I updated the spec for the Basic Networking with those ideas.
>>> A few things worth noting:
>>> - Link-Local traffic should be allowed for specific ICMPv6-only. No UDP
>>> or TCP!
>>> - A DUID can not be trusted. We need a tagger on the HV which adds the
>>> MAC address as DHCPv6 option 37.
>>> - SLAAC can not be used. DHCPv6+IA only
>>> - We can assign multiple IPs and Prefixes via DHCPv6
>>> - ISC Kea seems very nice as a DHCPv6 server:
>>> A few RFCs which might be worth reading:
>>> -
>>> -
>>> -
>>> We will start to work on this, but the CloudStack core is still very,
>>> very, very IPv4 minded and this will need a lot of refactoring.
>>> However, once you understand IPv6 better it is much more simple then
>>> IPv4 imho.
>>> The end goal is that CloudStack can run on IPv6-only without ANY IPv4.
>>> What also resulted from this day:
>>> - Basic Networking can probably be merged with Advanced Networking with
>>> Direct Attached
>>> - Isolated Networks are about the same as a VPC
>>> - We might be able to ditch the SSVM in most situations
>>> Any way, enough work to do!
>>> Wido

Find out more about ShapeBlue and our range of CloudStack related services:
IaaS Cloud Design & Build<> |
CSForge – rapid IaaS deployment framework<>
CloudStack Consulting<> | CloudStack Software
CloudStack Infrastructure Support<>
| CloudStack Bootcamp Training Courses<>

  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message