HOWTO: XEN en ipv6 chez Online.net
Soumis par webmaster le dim, 12/15/2013 - 20:58
Tout ca en mode routé, car c'est le mode privilégié sur le réseau Online.net
Sur la dom0:
Configuration réseau de la dom0 (/etc/network/interfaces):
iface eth0 inet6 static address 2001:AAA:BBBB:CCC:: accept_ra 2 netmask 56 pre-up dhclient -cf /etc/dhcp/dhclient6.conf -pf /run/dhclient6.eth0.pid -6 -P eth0 pre-down dhclient -x -pf /run/dhclient6.eth0.pid
Fichier de configuration dhcp ( /etc/dhcp/dhclient6.conf ) :
interface "eth0" { send dhcp6.client-id [replace with DUID]; # si on veut récupérer les DNS ipv6 # request domain-name-servers; # si on veut récupérer le domaine ipv6 # request domain-name; request; }
Le script XEN compatible ipv6 ( /etc/xen/scripts/vif-route-ip6 ):
#!/bin/bash #============================================================================ # /etc/xen/vif-route-ip6 # # Script for configuring a vif in routed mode. # The hotplugging system will call this script if it is specified either in # the device configuration given to Xend, or the default Xend configuration # in /etc/xen/xend-config.sxp. If the script is specified in neither of those # places, then vif-bridge is the default. # # Usage: # vif-route (add|remove|online|offline) # # Environment vars: # vif vif interface name (required). # XENBUS_PATH path to this device's details in the XenStore (required). # # Read from the store: # ip list of IP networks for the vif, space-separated (default given in # this script). IPv6 should also work. #============================================================================ #debug exec 2>&1 echo "#### $0 $@ at `date` ####" set -x dir=$(dirname "$0") . "$dir/vif-common.sh" ip6_of() { ip -6 addr show "$1" | perl -wane '/scope global/ && /inet6 (([0-9a-f]+:*)+)/ && print $1;' } ip6sub_of() { ip -6 addr show "$1" | perl -wane '/scope global/ && /inet6 (([0-9a-f]+:*)+\/([0-9]+)+)/ && print $1;' } mac_of() { ifconfig "$1" | perl -wane '/HWaddr (([0-9a-f]+:*)+)/ && print $1;' } dom0_ip6() { local nd=${netdev:-eth0} local result=$(ip6_of "$nd") if [ -z "$result" ] then "" else echo "$result" fi } dom0_ip6sub() { local nd=${netdev:-eth0} local result=$(ip6sub_of "$nd") if [ -z "$result" ] then "" else echo "$result" fi } is_ipv6() { echo "$1" | perl -wane '/:/ && print "yes"' } inet_ipv6_of() { echo "$1" | perl -wane '/(([0-9a-f]+:*)+)/ && print $1;' } main_ip=$(dom0_ip) main_ip6=$(dom0_ip6) main_ip6sub=$(dom0_ip6sub) case "$command" in online) log info "[vif-route] online request, ip ${ip} with main_ip ${main_ip} and main_ip6 ${main_ip6} for ${dev}." ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up if [ ! -z "${main_ip6}" ]; then ifconfig eth0 promisc ip -6 addr add ${main_ip6sub} dev ${dev} echo 1 >/proc/sys/net/ipv6/conf/${dev}/proxy_ndp # cannot define per device forwarding in ipv6 echo 1 >/proc/sys/net/ipv6/conf/all/forwarding fi echo 1 >/proc/sys/net/ipv4/conf/${dev}/proxy_arp ipcmd='add' cmdprefix='' ;; offline) do_without_error ifdown ${dev} ipcmd='del' cmdprefix='do_without_error' ;; esac if [ "${ip}" ] ; then # If we've been given a list of IP addresses, then add routes from dom0 to # the guest using those addresses. for addr in ${ip} ; do result=$(is_ipv6 "${addr}") if [ -z "${result}" ] ; then log info "[vif-route] Manage (${ipcmd}) IPv4 address ${addr} with src ${main_ip} for $dev." result=`${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} src ${main_ip} 2>&1` log info "[vif-route] Result: ${result}" else inet_addr=$(inet_ipv6_of "${addr}") log info "[vif-route] Manage (${ipcmd}) IPv6 address ${addr} with src ${main_ip6} for $dev." result=`${cmdprefix} ip -6 route ${ipcmd} ${addr} dev ${dev} 2>&1` log info "[vif-route] Result: ${result}" log info "[vif-route] Manage (${ipcmd}) IPv6 proxy ${inet_addr} on ${netdev:-eth0}." result=`${cmdprefix} ip -6 neigh ${ipcmd} proxy ${inet_addr} dev ${netdev:-eth0} 2>&1` result=`${cmdprefix} ip -6 neigh ${ipcmd} proxy ${main_ip6} dev ${dev} 2>&1` log info "[vif-route] Result: ${result}" # proxy_ndp is deprecated. Shall be managed another way. Maybe like below: neighbor permanent defs ? # log info "[vif-route] Manage (${ipcmd}) IPv6 neighbor ${inet_addr} on ${netdev:-eth0}." # if [ "${ipcmd}" = "add" ] ; then # mac=$(xenstore_read_default "$XENBUS_PATH/mac" "") # mainmac=$(mac_of "${netdev:-eth0}") # #result=`${cmdprefix} ip -6 neighbor ${ipcmd} ${inet_addr} lladdr ${mac} dev ${netdev:-eth0} 2>&1` # result=`${cmdprefix} ip -6 neighbor ${ipcmd} ${main_ip6} lladdr ${mainmac} dev ${dev} 2>&1` # else # #result=`${cmdprefix} ip -6 neighbor ${ipcmd} ${inet_addr} dev ${netdev:-eth0} 2>&1` # result=`${cmdprefix} ip -6 neighbor ${ipcmd} ${main_ip6} dev ${dev} 2>&1` # fi # log info "[vif-route] Result: ${result}" fi done fi handle_iptable log debug "Successful vif-route $command for $dev." if [ "$command" = "online" ] then success fi
A ajouter dans les fichiers de création/config des domU:
vif = ['script=vif-route-ip6,mac=[MAC],ip=[ip4] [ip6 including subnet],vifname=veth0' ] # replace with DomU's IPs, MAC and IPv6 including subnet => 2001:AAAA:BBB:DDD::/64
Sur les domU ( /etc/network/interfaces ):
iface eth0 inet6 static address 2001:AAA:BBBB:DDD:: netmask 64 accept_ra 0 # a tester avec la delegation routeurs... mais des doutes # pre-up dhclient -cf /etc/dhcp/dhclient6.conf -pf /run/dhclient6.eth0.pid -6 -P eth0 # pre-down dhclient -x -pf /run/dhclient6.eth0.pid pre-up echo 0 > /proc/sys/net/ipv6/conf/eth0/autoconf up ip -6 route add 2001:AAA:BBBB:CCC::/dev eth0 up ip -6 route add default via 2001:AAA:BBBB:CCC::
- Identifiez-vous pour poster des commentaires