WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] ipv6 addresses on vifX.Y interfaces and bridges

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-devel] ipv6 addresses on vifX.Y interfaces and bridges
From: Ralph Passgang <xen@xxxxxxxxxxxxx>
Date: Mon, 7 Jan 2008 02:10:06 +0100
Delivery-date: Sun, 06 Jan 2008 17:10:43 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20080106224813.GE5345@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <AEC6C66638C05B468B556EA548C1A77D0131A647@trantor> <AEC6C66638C05B468B556EA548C1A77D0131A64C@trantor> <20080106224813.GE5345@xxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.9.6 (enterprise 0.20071204.744707)
Am Sonntag, 6. Januar 2008 23:48:13 schrieb Daniel P. Berrange:
> On Mon, Jan 07, 2008 at 09:44:09AM +1100, James Harper wrote:
> > > On Mon, Jan 07, 2008 at 09:26:43AM +1100, James Harper wrote:
> > > > The network scripts appear to set noarp on all the vifX.Y and
> >
> > xen-brX
> >
> > > > interfaces, but I also need to remove the IPv6 address and stop the
> > > > interfaces participating in autoconfiguration...
> > > >
> > > > Has anyone done this already?
> > >
> > > You don't need to remove the link-local IPv6 addresses, they are
> >
> > harmless.
> >
> > > The key is to stop auto-conf taking place on the bridge. The way todo
> > > this is to set the mtu of the bridge to something tiny (eg 68) before
> > > bringing the interface up, and then once it is up, restore the mtu to
> > > its normal 1500.
> > >
> > > This was previously merged in xen-unstable, in 13364
> >
> > That sounds a bit kludgy... wouldn't it be better to make use of
> > /proc/sys/net/ipv6/<interface>/autoconf and/or .../accept_ra?
>
> Would have to ask Herbert about that - when he wrote the patch this was
> the only reliable way of selectively disabling Ipv6 on the bridge, but
> not other eth devices.
>
> > Wouldn't the bridge just autoconf next time an ra is sent once its mtu
> > is back up to 1500?
>
> No, because the low MTU means it never gets assigned a link-local address
> and thus has no way to parcitipate in ipv6 autoconf thereafter.

But it's a dirty hack, isn't it?
what about just using the ip tool to get rid of the ipv6 address after the 
interface has been configured?

"ip -6 addr flush dev ethX" (or whatever device) should do the trick... :)

it removes any global or local address on the interface and prevents any 
further autoconfiguration.

> Dan.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel