cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wido <...@git.apache.org>
Subject [GitHub] cloudstack pull request #1700: IPv6 for Basic Networking
Date Tue, 04 Oct 2016 10:00:35 GMT
GitHub user wido opened a pull request:

    https://github.com/apache/cloudstack/pull/1700

    IPv6 for Basic Networking

    This PR is a proposal for adding very basic IPv6 to Basic Networking. The main goal of
this PR is that the API returns a valid IPv6 address over which the Instance is reachable.
    
    The GUI will show the IPv6 address after deployment of the Instance.
    
    ![screenshot from 2016-10-03 16 34 56](https://cloud.githubusercontent.com/assets/326786/19070024/b06d2de6-8a29-11e6-8fe7-4902e2801ada.png)
    
    If the table VLAN has a proper IPv6 CIDR configured the DirectPodBasedNetworkGuru will
calculate the IPv6 Address the Instance will obtain using EUI-64 and SLAAC: https://tools.ietf.org/search/rfc4862
    
    The template has to be configured accordingly:
    - No IPv6 Privacy Extensions
    - Use SLAAC
    - Follow RFC4862
    
    This is also described in: https://cwiki.apache.org/confluence/display/CLOUDSTACK/IPv6+in+Basic+Networking
    
    The next steps after this will be:
    
    - Security Grouping to prevent IPv6 Address Spoofing
    - Security Grouping to filter ICMP, UDP and TCP traffic

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/wido/cloudstack ipv6-basic-networking

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cloudstack/pull/1700.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1700
    
----
commit c9acd61dea455663ff13a44dccee87f5eda56bd0
Author: Wido den Hollander <wido@widodh.nl>
Date:   2016-07-20T10:10:53Z

    utils: IPv6 EUI-64 address calculator
    
    When given a IPv6 subnet and a MAC-Address it will calculate the
    EUI-64 IPv6 address used in SLAAC.
    
    Signed-off-by: Wido den Hollander <wido@widodh.nl>

commit 74449d8e956514fa74532c8c9580619a11bbc943
Author: Wido den Hollander <wido@widodh.nl>
Date:   2016-07-21T08:45:36Z

    utils: Calculate IPv6 Link-Local Address from MAC address
    
    Util for calculating the Link-Local Address a host will obtain
    using EUI-64 and the fe80::/64 subnet.
    
    Signed-off-by: Wido den Hollander <wido@widodh.nl>

commit 01a34e299196ac00319a4500be8541901d46e68d
Author: Wido den Hollander <wido@widodh.nl>
Date:   2016-10-03T08:13:25Z

    Calculate IPv6 address for Instance in DirectPodBasedNetworkGuru
    
    EUI-64 is used here which calculates the address based on the CIDR and MAC
    address. Duplicate addresses are not possible to due to the usage of EUI-64
    which makes the code much more simple.
    
    In Basic Networking the NIC of the Instance will have it's IPv6 details
    configured in the NIC.
    
    This way the API returns the information which can then be used by other
    applications to directly talk IPv6 with the Instance.
    
    Signed-off-by: Wido den Hollander <wido@widodh.nl>

commit 6ac4280c564bb088fbeefb099b66e5e10dd272f9
Author: Wido den Hollander <wido@widodh.nl>
Date:   2016-10-03T12:31:22Z

    ipv6: Update NetworkTO to transfer IPv6 Address and CIDR to Hypervisors
    
    This way the StartCommand for KVM contains all the required information
    needed to program Security Groups in such a way that IPv6 Address spoofing
    is not possible.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message