On Tue, Mar 10, 2015 at 07:43:16PM -0400, John Ferlan wrote:
On 03/10/2015 12:58 PM, Ján Tomko wrote:
On Mon, Mar 09, 2015 at 08:04:59PM -0400, John Ferlan wrote:
From: Luyao Huang <lhuang@redhat.com>
If an interface or network has both ipv6 and ipv4 addresses which can be used, we do not know which to use as a listen address. This patch introduces the 'family' attribute to allow the XML to determine whether the desire is to use IPv6 instead of IPv4 as the listen family to use. The default will remain IPv4.
As Laine mentioned in his reply to v1: https://www.redhat.com/archives/libvir-list/2015-February/msg01080.html This is intended to be run only on networks with one address. With more addresses, you cannot control which one to use.
It's been a while since I've had to "think" whether getifaddrs() would return the same IPv4 address in the "first" entry as would be return from the ioctl(SIOCGIFADDR)... IIRC, IPv4 addresses can be aliased to the same device, but how getifaddrs handles returning addresses I just don't have recent exposure to..
If you want to listen on IPv6, don't configure an IPv4 address on the network and vice versa. This attribute does not seem that useful to me.
The original bug https://bugzilla.redhat.com/show_bug.cgi?id=1192318 complained about 'no usable address'
I think the bug here is not treating an ipv6 address as an IP address, not that we cannot choose the attribute by family.
Jan
hmmm... true we're really just looking to get "an" address and shouldn't care what style it is. However, what if someone has both configured and wants to force usage of one over the other? Maybe they've separate their IPv4 and IPv6 addresses to connect to different places. Perhaps forcing certain protocols over IPv6 rather than IPv4? Since both can be defined in one <network> object - it's possible - how or why it would be done I haven't given too much thought to.
They can configure another separate network, or create a hook that fills in the proper <listen type='address'>. If we allow filtering by family, should we also introduce filtering by a netmask? Jan