Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 21E5B200B98 for ; Mon, 3 Oct 2016 20:43:18 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 20852160ADC; Mon, 3 Oct 2016 18:43:18 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 6A107160ACD for ; Mon, 3 Oct 2016 20:43:17 +0200 (CEST) Received: (qmail 6924 invoked by uid 500); 3 Oct 2016 18:43:11 -0000 Mailing-List: contact dev-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list dev@cloudstack.apache.org Received: (qmail 6912 invoked by uid 99); 3 Oct 2016 18:43:11 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Oct 2016 18:43:11 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id C016B180361 for ; Mon, 3 Oct 2016 18:43:10 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.664 X-Spam-Level: ** X-Spam-Status: No, score=2.664 tagged_above=-999 required=6.31 tests=[FSL_HELO_BARE_IP_2=1.499, KAM_LAZY_DOMAIN_SECURITY=1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_NUMERIC_HELO=0.865] autolearn=disabled Received: from mx2-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id 9cZQZA0I-1Zz for ; Mon, 3 Oct 2016 18:43:09 +0000 (UTC) Received: from smtp02.mail.pcextreme.nl (smtp02.mail.pcextreme.nl [109.72.87.139]) by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS id BA6805F4EC for ; Mon, 3 Oct 2016 18:43:08 +0000 (UTC) Received: from 109.72.87.221 (ox01.pcextreme.nl [109.72.87.221]) by smtp02.mail.pcextreme.nl (Postfix) with ESMTPSA id CAF2440C12 for ; Mon, 3 Oct 2016 20:43:00 +0200 (CEST) Date: Mon, 3 Oct 2016 20:43:00 +0200 (CEST) From: Wido den Hollander To: dev@cloudstack.apache.org Message-ID: <803597888.5548.1475520180772@ox.pcextreme.nl> Subject: IPv6 in Basic Networking progress MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Priority: 3 Importance: Medium X-Mailer: Open-Xchange Mailer v7.8.1-Rev15 X-Originating-Client: open-xchange-appsuite archived-at: Mon, 03 Oct 2016 18:43:18 -0000 Hi, One of the things I'm really missing in CloudStack currently is IPv6 support in Basic Networking. Why? Our cloud at PCextreme runs on CloudStack with Basic Networking and we currently do have IPv6 support, but without the knowledge of CloudStack. My goals are currently simple: - The API should return the IPv6 address of the Instance - Security Grouping should prevent IPv6 address spoofing This is all on the Wiki: https://cwiki.apache.org/confluence/display/CLOUDSTACK/IPv6+in+Basic+Networking I didn't get to it due to a lack of time, but I gave it a try again this weekend and today. With result!: https://github.com/wido/cloudstack/commits/ipv6-basic-networking The 'nics' table already has the ip6_address column and the API will return this value when it is set. So what I did is modify the DirectPodBasedNetworkGuru that it calculates the EUI-64 IPv6 address a Instance will obtain using SLAAC. In the network you have to make sure the routers (not the VR, physical ones!) are sending our Router Advertisements with the same subnet as you configured in CloudStack. The code is actually very simple and it 'works': https://widodh.o.auroraobjects.eu/cloudstack/ipv6-basic-networking-instance.png The CloudStack code is very, very IPv4 orientated and has many flaws. It passes IP-Addresses as Strings and such while native types like InetAddress might be better, but that would be a major refactor which will consume a lot of time. And honestly, I don't have the time. As stated above our goals are currently simple. The API should return a IPv6 Address so that after deployment anything consuming the API can instantly connect to the Instance over IPv6. Wido