On 05/12/2016 04:41 AM, Daniel P. Berrange wrote:
On Thu, May 12, 2016 at 10:31:34AM +0200, Andrea Bolognani wrote:
> Is there any real chance the "prefix" attribute will need to be specified
> for the host as well? Because in that case we would clearly have to go
> with "hostPrefix", and using "host" instead of
"hostAddress" would look
> quite ugly.
Both IP addresses are required to be in the same subnet and thus have
the same prefix
If 20 year old memories serve me correctly, the local and remote side of
a point-to-point link can be on completely different networks (and the
simple experiment I was able to do with ifconfig just now showed that it
accepts such a setup - see below). The entire point (haha) of a
point-to-point link is that there is only a single IP at the other end
(unless additional routes are setup), and even ARP isn't necessary (or
even possible on some media, e.g. PPP).
But as far as I've been able to figure out so far, it's a bit different
when you set a peer IP address on an ethernet interface - the result of
doing this is that the local IP is set as you'd expect, the POINTOPOINT
flag isn't set (I haven't found any way to set this with an existing
shell command), and the "direct" route that's added to the routing table
is for the network of the *peer* address combined with the prefix
(normally the direct route added for an ethernet is for the subnet
containing the *local* address). For example, when I give this command:
ifconfig p4p2_3 1.2.3.4 pointopoint 5.6.7.8 netmask 255.255.255.0
I end up with only a single new entry in the routing table:
Destination Gateway Genmask Flags MSS Window irtt
Iface
5.6.7.8 0.0.0.0 255.255.255.0 U 0 0 0
p4p2_3
^^^^^^^^
(NOTE - *not* 1.2.3.0)
I don't have anything connected for the other end, but when I "ping
5.6.7.8" (or "5.6.7.24"), I see ARP requests for 5.6.7.8 going out on
p4p2_3.(If I set netmask to 255.255.255.255, it of course only ARPs for
5.6.7.8)
So we've established that the local and peer addresses don't need to be
on the same subnet. And since the guest-side will be seeing the 1.2.3.4
network as peer, it *could* have a different prefix (maybe the host side
wants to see the guest as 5.6.7.8/32 (single host), but the guest wants
to see the host as 1.2.3.4/8). So I think Andrea has a valid point (and
maybe this is another indicator that the address info for the two ends
should be in separate elements; definitely it shows that the guest side
and host side should be allowed to have different prefixes).
The place where this could be most useful is on an lxc <interface
type='ethernet'>, where libvirt is able to do the IP config for both the
guest and the host side of the veth pair. Rather than continue to spout
off about it, I'm going to try and do some experiments over the next few
days (in between [life]) and see what happens. Hopefully I can get back
to the list within a day or two with something less speculative.