On 03/10/2015 12:58 PM, Ján Tomko wrote:
> On Mon, Mar 09, 2015 at 08:04:59PM -0400, John Ferlan wrote:
>> From: Luyao Huang <lhuang(a)redhat.com>
>>
>> If an interface or network has both ipv6 and ipv4 addresses which can
>> be used, we do not know which to use as a listen address. This patch
>> introduces the 'family' attribute to allow the XML to determine whether
>> the desire is to use IPv6 instead of IPv4 as the listen family to use.
>> The default will remain IPv4.
>>
>
> As Laine mentioned in his reply to v1:
>
https://www.redhat.com/archives/libvir-list/2015-February/msg01080.html
> This is intended to be run only on networks with one address. With more
> addresses, you cannot control which one to use.
It's been a while since I've had to "think" whether getifaddrs() would
return the same IPv4 address in the "first" entry as would be return
from the ioctl(SIOCGIFADDR)... IIRC, IPv4 addresses can be aliased to
the same device, but how getifaddrs handles returning addresses I just
don't have recent exposure to..
>
> If you want to listen on IPv6, don't configure an IPv4 address on the
> network and vice versa. This attribute does not seem that useful to me.
>
> The original bug
>
https://bugzilla.redhat.com/show_bug.cgi?id=1192318
> complained about 'no usable address'
>
> I think the bug here is not treating an ipv6 address as an IP address,
> not that we cannot choose the attribute by family.
>
> Jan
>
hmmm... true we're really just looking to get "an" address and
shouldn't
care what style it is. However, what if someone has both configured and
wants to force usage of one over the other? Maybe they've separate
their IPv4 and IPv6 addresses to connect to different places. Perhaps
forcing certain protocols over IPv6 rather than IPv4? Since both can be
defined in one <network> object - it's possible - how or why it would be
done I haven't given too much thought to.
They can configure another separate network, or create a hook that fills
in the proper <listen type='address'>.
If we allow filtering by family, should we also introduce filtering by a
netmask?
Jan