;ra-param=*,0,0" (here, RA_interval=0 means default)
to disable default gateway in RA.
This patchset adds detection for "ra-param" in dnsmasq and
sets "ra-param=*,0,0" for isolated network if dnsmasq supports it.
Maxim Perevedentsev (2):
Fix message about dnsmasq BIND
IPv6 RA always contains an implicit default route via
the link-local address of the source of RA. This forces
the guest to install a route via isolated network, which
may disturb the guest's networking in case of multiple interfaces.
More info in 013427e6e733f7a662f4e8a9c11f7dad4cd65e3f.
The
---
src/util/virdnsmasq.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/virdnsmasq.c b/src/util/virdnsmasq.c
index da3e603..d253f44 100644
--- a/src/util/virdnsmasq.c
+++ b/src/util/virdnsmasq.c
@@ -693,7 +693,7 @@ dnsmasqCapsSetFromBuffer(dnsmasqCapsPtr caps, const
INDTODEVICE - see
dnsmasqCapsSetFromBuffer(). I'm guessing you based your addition on
the existing code for DNSMASQ_DHCPv6_SUPPORT() and
DNSMASQ_RA_SUPPORT(), but I think those were probably put in before
the patches that added parsing of --help output to learn dnsmasq
capabilities.
OK
--
Your sinc
If no gateway is specified in RA the a guest will install
a default route to link-local address of the source of RA
(in this case, virbr*), which may disturb guest's networking
e.g. if the 'expected' default route is through another interface.
This patch adds an attribute 'ipv6noDefRoute=yes|no'
;ra-param=*,0,0" (here, RA_interval=0 means default)
to disable default gateway in RA.
This patchset adds option
to network xml and sets the above option to dnsmasq config
if it is set to yes (default: no).
Maxim Perevedentsev (2):
dnsmasq: add option to disable IPv6 default gateway in
---
docs/formatnetwork.html.in | 15 ++-
docs/schemas/network.rng | 5 +
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in
index 1cea931..e710f25 100644
--- a/docs/formatnetwork.html.in
+++
Would you accept patches related to 3rd solution?
Looking forward to your replies.
Thanks in advance!
--
Your sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
f your sysctl -a?
Max DAD timeout should be
rand() % net.ipv6.conf.default.router_solicitation_delay +
net.ipv6.conf.default.dad_transmits *
net.ipv6.neigh.default.retrans_time_ms
I wonder whether my calculations were faulty or it is your specific
configuration.
--
Your sincerely,
Maxim Pereved
Such messages do not have NLMSG_ERROR or NLMSG_DONE type
but they are valid responses. We test 'multi-partness'
by looking for NLM_F_MULTI flag.
---
Difference to v1: fixed comment style.
src/util/virnetlink.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git
and throws an error. So the patch
2/2
adds multi-part nelink response support.
Update v2: fixed syntax.
Update v3: moved to virnetdev.
Update v4: added DAD timeout, minor fixes.
Maxim Perevedentsev (2):
network: added waiting for DAD to finish for bridge address.
netlink: add support for multi-part
This is a fix for commit db488c79173b240459c7754f38c3c6af9b432970
dnsmasq main process exits without waiting for DAD, this is dnsmasq
daemon's task. So we periodically poll the kernel using netlink and
check whether there are any IPv6 addresses assigned to bridge
which have 'tentative' state.
On 10/16/2015 08:13 PM, Laine Stump wrote:
On 10/16/2015 12:51 PM, Maxim Perevedentsev wrote:
On 10/15/2015 09:03 PM, Laine Stump wrote:
This loop *really* bothers me, because there is no failsafe to
terminate it if we never get positive notification that DAD has
completed. This would lock
emselves are external structures. We do not want to
destroy them, just remove pointers.
--
Your sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
ement.
Ok. I wanted to work-around the case if we do not have libnl installed.
Once these 3 issues are dealt with, I think we can (finally) push this.
I'll try to fix it ASAP. Thank you.
--
Your sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://ww
This is a fix for commit db488c79173b240459c7754f38c3c6af9b432970
dnsmasq main process exits without waiting for DAD, this is dnsmasq
daemon's task. So we periodically poll the kernel using netlink and
check whether there are any IPv6 addresses assigned to bridge
which have 'tentative' state.
and throws an error. So the patch
2/2
adds multi-part nelink response support.
Update v2: fixed syntax.
Update v3: moved to virnetdev.
Resend: These patches were ignored and buried long ago :-(
Maxim Perevedentsev (2):
network: added waiting for DAD to finish for bridge address.
netlink: add
Such messages do not have NLMSG_ERROR or NLMSG_DONE type
but they are valid responses. We test 'multi-partness'
by looking for NLM_F_MULTI flag.
---
Difference to v1: fixed comment style.
src/util/virnetlink.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git
Hello everyone!
I'd like to remind I'm still waiting for comments on these patches.
On 08/26/2015 01:28 PM, Maxim Perevedentsev wrote:
Thank you! Waiting in hope you have not forgotten. :)
On 08/17/2015 10:11 PM, Laine Stump wrote:
On 08/17/2015 10:48 AM, Maxim Perevedentsev wrote:
Hello
Thank you! Waiting in hope you have not forgotten. :)
On 08/17/2015 10:11 PM, Laine Stump wrote:
On 08/17/2015 10:48 AM, Maxim Perevedentsev wrote:
Hello guys!
Just a humble reminder of pending request :-)
Any suggestions about patches maybe?
Sorry for the delay. Pretty much everybody
Hello guys!
Just a humble reminder of pending request :-)
Any suggestions about patches maybe?
On 08/10/2015 08:08 PM, Maxim Perevedentsev wrote:
This is a fix for commit db488c79173b240459c7754f38c3c6af9b432970
dnsmasq main process which is relied on when waiting for DAD to complete
exits
On 08/11/2015 11:14 AM, Simon Kelley wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/08/15 22:29, Laine Stump wrote:
On 08/10/2015 01:08 PM, Maxim Perevedentsev wrote:
This is a fix for commit
db488c79173b240459c7754f38c3c6af9b432970 dnsmasq main process
exits without waiting
On 08/11/2015 12:15 AM, Laine Stump wrote:
On 08/10/2015 01:08 PM, Maxim Perevedentsev wrote:
Such messages do not have NLMSG_ERROR or NLMSG_DONE type
but they are valid responses. We test 'multi-partness'
by looking for NLM_F_MULTI flag.
---
src/util/virnetlink.c | 4 +++-
1 file changed
count)
+ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
int virNetDevSetMAC(const char *ifname,
--
Sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
and throws an error. So the patch
2/2
adds multi-part nelink response support.
Update v2: fixed syntax.
Update v3: moved to virnetdev.
Maxim Perevedentsev (2):
network: added waiting for DAD to finish for bridge address.
Add support for multi-part netlink messages.
src/libvirt_private.syms
-nlmsg_flags NLM_F_MULTI))
+goto malformed_resp;
}
return result;
--
Sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On 08/04/2015 06:18 PM, Dmitry Guryanov wrote:
On 07/31/2015 07:35 PM, Maxim Perevedentsev wrote:
+/* return after DAD finishes for all known IPv6 addresses or an
error */
+static int
+networkWaitDadFinish(virNetworkObjPtr network)
I'd put this function to src/util/virnetlink.c
Then we
and throws an error. So the patch
2/2
adds multi-part nelink response support.
Update v2: fixed syntax.
Maxim Perevedentsev (2):
network: added waiting for DAD to finish for bridge address.
Add support for multi-part netlink messages.
src/network/bridge_driver.c | 113
)
+goto err4;
+
+/* DAD has happened, dnsmasq is now bound to the
* bridge's IPv6 address, so we can now set the dummy tun down.
*/
if (tapfd = 0) {
--
Sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir
messages. */
+if (!(resp-nlmsg_flags NLM_F_MULTI))
+goto malformed_resp;
}
return result;
--
Sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
-nlmsg_flags NLM_F_MULTI))
+goto malformed_resp;
}
return result;
--
Sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
to wait for it ourselves.
+ */
+if (v6present networkWaitDadFinish(network) 0)
+goto err4;
+
+/* DAD has happened, dnsmasq is now bound to the
* bridge's IPv6 address, so we can now set the dummy tun down.
*/
if (tapfd = 0) {
--
Sincerely,
Maxim Perevedentsev
-nlmsg_flags NLM_F_MULTI))
+goto malformed_resp;
}
return result;
--
Sincerely,
Maxim Perevedentsev
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
and throws an error. So the patch
2/2
adds multi-part nelink response support.
Maxim Perevedentsev (2):
network: added waiting for DAD to finish for bridge address.
netlink: add support for multi-part netlink messages.
src/network/bridge_driver.c | 109
to wait for it ourselves.
+ */
+if (v6present networkWaitDadFinish(network) 0)
+goto err4;
+
+/* DAD has happened, dnsmasq is now bound to the
* bridge's IPv6 address, so we can now set the dummy tun down.
*/
if (tapfd = 0) {
--
Sincerely,
Maxim Perevedentsev
and throws an error. So the patch
2/2
adds multi-part nelink response support.
Maxim Perevedentsev (2):
network: added waiting for DAD to finish for bridge address.
netlink: add support for multi-part netlink messages.
src/network/bridge_driver.c | 109
36 matches
Mail list logo