You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ra...@apache.org on 2017/01/27 00:13:44 UTC
[4/4] git commit: updated refs/heads/master to f10c8bf
Merge pull request #1700 from wido/ipv6-basic-networking
CLOUDSTACK-9359: IPv6 for Basic NetworkingThis PR is a proposal for adding very basic IPv6 to Basic Networking. The main goal of this PR is that the API returns a valid IPv6 address over which the Instance is reachable.
The GUI will show the IPv6 address after deployment of the Instance.
![screenshot from 2016-10-03 16 34 56](https://cloud.githubusercontent.com/assets/326786/19070024/b06d2de6-8a29-11e6-8fe7-4902e2801ada.png)
If the table VLAN has a proper IPv6 CIDR configured the DirectPodBasedNetworkGuru will calculate the IPv6 Address the Instance will obtain using EUI-64 and SLAAC: https://tools.ietf.org/search/rfc4862
In this case the _vlan_ table contained:
<pre>mysql> select * from vlan \G
*************************** 1. row ***************************
id: 1
uuid: 90e0716c-5261-4992-bb9d-0afd3006f476
vlan_id: vlan://untagged
vlan_gateway: 172.16.0.1
vlan_netmask: 255.255.255.0
description: 172.16.0.10-172.16.0.250
vlan_type: DirectAttached
data_center_id: 1
network_id: 204
physical_network_id: 200
ip6_gateway: 2001:980:7936:112::1
ip6_cidr: 2001:980:7936:112::/64
ip6_range: NULL
removed: NULL
created: 2016-07-19 20:39:41
1 row in set (0.00 sec)
mysql></pre>
It will then log:
<pre>2016-10-04 11:42:44,998 DEBUG [c.c.n.g.DirectPodBasedNetworkGuru] (Work-Job-Executor-1:ctx-1975ec54 job-186/job-187 ctx-0d967d88) (logid:275c4961) Found IPv6 CIDR 2001:980:7936:112::/64 for VLAN 1
2016-10-04 11:42:45,009 INFO [c.c.n.g.DirectPodBasedNetworkGuru] (Work-Job-Executor-1:ctx-1975ec54 job-186/job-187 ctx-0d967d88) (logid:275c4961) Calculated IPv6 address 2001:980:7936:112:4ba:80ff:fe00:e9 using EUI-64 for NIC 6a05deab-b5d9-4116-80da-c94b48333e5e</pre>
The template has to be configured accordingly:
- No IPv6 Privacy Extensions
- Use SLAAC
- Follow RFC4862
This is also described in: https://cwiki.apache.org/confluence/display/CLOUDSTACK/IPv6+in+Basic+Networking
The next steps after this will be:
- Security Grouping to prevent IPv6 Address Spoofing
- Security Grouping to filter ICMP, UDP and TCP traffic
* pr/1700:
CLOUDSTACK-676: IPv6 In -and Egress filtering for Basic Networking
CLOUDSTACK-676: IPv6 Basic Security Grouping for KVM
CLOUDSTACK-9359: IPv6 for Basic Networking with KVM
Signed-off-by: Rajani Karuturi <ra...@accelerite.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/f10c8bfe
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/f10c8bfe
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/f10c8bfe
Branch: refs/heads/master
Commit: f10c8bfe0c99a762c2606459413a47219614e775
Parents: 4721c53 115d6d5
Author: Rajani Karuturi <ra...@accelerite.com>
Authored: Fri Jan 27 05:42:44 2017 +0530
Committer: Rajani Karuturi <ra...@accelerite.com>
Committed: Fri Jan 27 05:42:44 2017 +0530
----------------------------------------------------------------------
api/src/com/cloud/agent/api/to/NetworkTO.java | 31 ++
.../cloud/agent/api/SecurityGroupRulesCmd.java | 7 +
.../agent/api/SecurityGroupRulesCmdTest.java | 3 +-
debian/control | 2 +-
packaging/centos63/cloud.spec | 1 +
packaging/centos7/cloud.spec | 1 +
.../kvm/resource/LibvirtComputingResource.java | 6 +-
...LibvirtSecurityGroupRulesCommandWrapper.java | 2 +-
.../resource/LibvirtComputingResourceTest.java | 11 +-
.../xenbase/CitrixRequestWrapperTest.java | 3 +-
scripts/vm/network/security_group.py | 323 ++++++++++++++-----
.../cloud/hypervisor/HypervisorGuruBase.java | 2 +
.../network/guru/DirectPodBasedNetworkGuru.java | 104 +++---
.../security/SecurityGroupManagerImpl.java | 6 +-
.../security/SecurityGroupManagerImpl2.java | 2 +-
ui/lib/jquery.validate.additional-methods.js | 5 +-
ui/scripts/network.js | 4 +-
ui/scripts/sharedFunctions.js | 12 +-
.../main/java/com/cloud/utils/net/NetUtils.java | 25 ++
.../java/com/cloud/utils/net/NetUtilsTest.java | 27 ++
20 files changed, 439 insertions(+), 138 deletions(-)
----------------------------------------------------------------------