Hi Gabriel. For this case, :
n such a network setup it is possible to deploy multiple shared guest networks, isolated via VLAN/VXLAN. These networks can be configured with only IPv4 addresses, or IPv4 + IPv6; on the second case the IPv4 address could be a either a private IP (e.g. 10.1.1.1) or a public IP; all VMs then have a public IPv6 address. For those have IPv4+IPv6 , can I know how you configure it ? On Wed, Nov 11, 2020 at 10:26 PM Hean Seng <heans...@gmail.com> wrote: > For ipv6 implementation for Advancezone with NAT, i guess shall be > allocate a ipv6 /64 subnet to it (the Virtual Router), and VirtualRouter > allocate IPv6 to VM under it. > So cloudstack shall allow add ipv6 /64 subnet to the zone , and when VM > created , it will assign a /64 subnet to VR, and VR have DHCP6 to > allocate IP to the VM. > > On Wed, Nov 11, 2020 at 7:54 PM Eric Lee Green <eric.lee.gr...@gmail.com> > wrote: > >> On 11/11/2020 2:01 AM, Hean Seng wrote: >> > IPv6 do not have NAT , each VM suppose to have indiviual Ipv6 Address. >> >> NAT66 does in fact exist, and the virtual routers used for VLANs could >> in fact be configured with RADV to provide an IETF RFC4193 SLAAC prefix >> to private VPC networks then use NAT66 to communicate with the rest of >> the IPv6 Internet via a SLAAC-configured IPv6 address on the virtual >> router's public interface. They are not currently so configured, but all >> the stuff to do it is already there in the base Debian distribution used >> for the virtual routers. >> >> Port forwarding would require changes to the virtual router to allow >> IPv6 port forwarding (as well as likely allowing a fixed IPv6 address >> for the virtual router rather than SLAAC). >> >> DHCPv6 to advertise IPv6 DNS servers would be the other part of that >> equation. >> >> Routing public subnets would require significant work, since the virtual >> routers would need to advertise routes upstream to whatever layer 3 >> switch or router routes things to and from the Internet. In addition >> security would require disabling incoming IPv6 connections to the >> advertised subnet except to specific instances that have a hole poked in >> the firewall allowing incoming IPv6. It is unlikely that anybody is >> going to bother implementing this anytime soon, since NAT66 works fine >> for Cloudstack's purposes and is significantly easier to implement since >> it doesn't require upstream routers to accept route advertisements from >> virtual routers. >> >> > >> > For NAT zone, is that any way to allocate IPv6 subnet ? >> > >> > >> > >> > >> > >> > >> > >> > On Tue, Nov 10, 2020 at 3:51 PM Andrija Panic <andrija.pa...@gmail.com> >> > wrote: >> > >> >> If not mistaken, ipv6 is only supported for Shared Networks, and not >> for >> >> Isolated/VPC networks. >> >> >> >> On Tue, 3 Nov 2020 at 04:31, Hean Seng <heans...@gmail.com> wrote: >> >> >> >>> Hi >> >>> >> >>> Is that anyone have a idea of best way implementing ipv6 in >> cloudstack ? >> >>> >> >>> I saw the doc, and mentioned create another SharedGuestNework in >> >>> AdvanceZone, and assigned ipv6 /64 network there. >> >>> >> >>> However, I not quite understand is in Advancezone with NAT (public ip, >> >>> isolated vlan), the network of the VM is their own LAN IP and >> isolated >> >> by >> >>> VLAN or VXLAN. How can we assign Ipv6 over there? Or shall we >> >> create >> >>> another SharedGuestNetwork with another VLAN , and assign another >> >>> GuestNetwork manually to the VM ? But then, the VM become 2 >> network. Is >> >>> that the way to do ? >> >>> >> >>> >> >>> -- >> >>> Regards, >> >>> Hean Seng >> >>> >> >> >> >> -- >> >> >> >> Andrija Panić >> >> >> > >> > > > -- > Regards, > Hean Seng > -- Regards, Hean Seng
