compared with
Key
This line was removed.
This word was removed. This word was added.
This line was added.

Changes (13)

View Page History
As of [2014-05-29 IPv6 support has been added to vmadm|https://github.com/joyent/smartos-live/commit/fbe057b41d645981ecb236eaa38935a3082d8415] and no longer requires allow_ip_spoofing.
As of 20150917T235937Z IPv6 support has been added to vmadm via a new property "ips". The ips parameter supports multiple addresses including IPv4, IPv6, dhcp (for IPv4), and addrconf (for SLAAC or DHCPv6).

For all types of IPv6 connectivity svc:/network/routing/ndp:default needs to be enabled. Link local addresses are implicitly permitted as well as DHCPv6. For SLAAC and static addresses each address needs to be added to nics.*.allowed_ips.
Link local addresses, DHCPv6 and static are implicitly permitted. For addrconf (SLAAC) each address needs to be added to nics.*.allowed_ips or allow_ip_spoofing needs to be enabled. If an IPv6 address or addrconf are specified, ndpd will be automatically enabled.

E.g.:
In this example, the expected IPv6 address has been derived from the "mac" field via EUI-64 and added to "allowed_ips".
{code:language=javascript}[root@00-53-37-42-47-37 ~]# vmadm get 94ff50ad-ac74-46ac-8b9d-c05ddf55f434 | json -a nics
[
"nic_tag": "external",
"gateway": "198.51.100.1",
"gateways": [
"198.51.100.1"
],
"allowed_ips": [
"fe80::709c:d5ff:fe34:4759",
"2001:db8::709c:d5ff:fe34:4759"
],
"ip": "198.51.100.37",
"ips": ["198.51.100.37/24", "addrconf"]
"netmask": "255.255.0.0", "255.255.255.0",
"model": "virtio",
"primary": true
}
]{code}
The provisioner does not configure these addresses, nor enable ndp. After the instance boots, or as part of the user-script, run the following commands:
{code:language=bash}svcadm enable ndp
ipadm create-addr -t -T addrconf net0/v6{code}
This will also need to be done at each boot. There's an SMF and start method available [here|https://github.com/bahamat/smartos-ipv6-smf] that will manage this for SLAAC addresses. At current supporting static addresses is an exercise for the reader but I do plan to add it at a later date. Until then you can modify the SMF method on github or use the manifest provided blow.

h2. Legacy Setup

Previously, {{vmadm}} didn't support configuring IPv6 addresses for zones. A workaround is to set {{allow_ip_spoofing}} on the interface and configure it manually inside the zone. For example:

{code:title=On the host}
[root@00-25-90-38-94-04 ~]# vmadm get b2535e73-0892-4183-9e02-0255c6dde661 | egrep mac\|spoof
"mac": "b2:d2:27:af:cb:fd",
[root@00-25-90-38-94-04 ~]# echo '{"update_nics": [{"mac": "b2:d2:27:af:cb:fd", "allow_ip_spoofing": true}]}' | vmadm update b2535e73-0892-4183-9e02-0255c6dde661
Successfully updated b2535e73-0892-4183-9e02-0255c6dde661
[root@00-25-90-38-94-04 ~]# vmadm get b2535e73-0892-4183-9e02-0255c6dde661 | egrep mac\|spoof
"mac": "b2:d2:27:af:cb:fd",
"allow_ip_spoofing": true
{code}

(Re)Boot the zone and log into it. Inside, create temporary address objects for IPv6 and (probably) a default gateway:

{code:title=In the zone}
# ipadm create-addr -t -T addrconf net0/v6a
# ipadm create-addr -t -T static -a 2001:db8:1234::42 net0/v6s
# route add -inet6 default 2001:db8:1234::1
{code}

You should now have IPv6 connectivity, assuming the addressing used aligns with the actual addressing on the NIC the zone uses. The changes will not be persistent so this needs repeating after reboot.

h2. Automating

A script together with an SMF service can make sure that happens. For example, this can be used to automatically set an IPv6 address with address based on the current IPv4 address;

{code:title=/opt/setup-v6/bin/setup-v6.sh}
#!/bin/bash

V6PREF=2001:db8:1234::

V4=$(ipadm show-addr net0/_a -o addr -p)
ADDRONLY=${V4%/*}
LASTOCT=${ADDRONLY#*.*.*.}
V6=$V6PREF$LASTOCT/64

ipadm create-addr -t -T addrconf net0/v6a
ipadm create-addr -t -T static -a $V6 net0/v6s
route add -inet6 default ${V6PREF}1
{code}

{code:xml|title=/opt/setup-v6/etc/setup-v6.xml}
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="manifest" name="setup-v6">
<service name="site/setup-v6" type="service" version="1">

<create_default_instance enabled="true"/>
<single_instance/>

<dependency name="network" grouping="require_all" restart_on="error" type="service">
<service_fmri value="svc:/milestone/network:default"/>
</dependency>

<dependency name="filesystem" grouping="require_all" restart_on="error" type="service">
<service_fmri value="svc:/system/filesystem/local"/>
</dependency>

<method_context>
</method_context>

<exec_method type="method" name="start" exec="/opt/setup-v6/bin/setup-v6.sh" timeout_seconds="60"/>
<exec_method type="method" name="stop" exec=":kill" timeout_seconds="60"/>

<property_group name="startd" type="framework">
<propval name="duration" type="astring" value="transient"/>
<propval name="ignore_error" type="astring" value="core,signal"/>
</property_group>

<property_group name="application" type="application">
</property_group>

<stability value="Evolving"/>

<template>
<common_name>
<loctext xml:lang="C">
Setup IPv6
</loctext>
</common_name>
</template>
</service>
</service_bundle>
{code}
See vmadm(1) for more information.