|
|
|
|
|
|
|
|
|
|
xen-devel
Re: [Xen-devel] ipv6 addresses on vifX.Y interfaces and bridges
Am Sonntag, 6. Januar 2008 23:48:13 schrieb Daniel P. Berrange:
> On Mon, Jan 07, 2008 at 09:44:09AM +1100, James Harper wrote:
> > > On Mon, Jan 07, 2008 at 09:26:43AM +1100, James Harper wrote:
> > > > The network scripts appear to set noarp on all the vifX.Y and
> >
> > xen-brX
> >
> > > > interfaces, but I also need to remove the IPv6 address and stop the
> > > > interfaces participating in autoconfiguration...
> > > >
> > > > Has anyone done this already?
> > >
> > > You don't need to remove the link-local IPv6 addresses, they are
> >
> > harmless.
> >
> > > The key is to stop auto-conf taking place on the bridge. The way todo
> > > this is to set the mtu of the bridge to something tiny (eg 68) before
> > > bringing the interface up, and then once it is up, restore the mtu to
> > > its normal 1500.
> > >
> > > This was previously merged in xen-unstable, in 13364
> >
> > That sounds a bit kludgy... wouldn't it be better to make use of
> > /proc/sys/net/ipv6/<interface>/autoconf and/or .../accept_ra?
>
> Would have to ask Herbert about that - when he wrote the patch this was
> the only reliable way of selectively disabling Ipv6 on the bridge, but
> not other eth devices.
>
> > Wouldn't the bridge just autoconf next time an ra is sent once its mtu
> > is back up to 1500?
>
> No, because the low MTU means it never gets assigned a link-local address
> and thus has no way to parcitipate in ipv6 autoconf thereafter.
But it's a dirty hack, isn't it?
what about just using the ip tool to get rid of the ipv6 address after the
interface has been configured?
"ip -6 addr flush dev ethX" (or whatever device) should do the trick... :)
it removes any global or local address on the interface and prevents any
further autoconfiguration.
> Dan.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
|
|