[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-ha-dev
Subject: Re: [Linux-ha-dev] [RFC] IPaddr2: Proposal patch to support the dual stack of IPv4 and IPv6.
From: Alan Robertson <alanr () unix ! sh>
Date: 2012-05-31 7:38:37
Message-ID: 4FC71FFD.8040802 () unix ! sh
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
It's straightforward to determine if an IP address is link-local or not
- for an already configured address.
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP qlen 1000
link/ether 94:db:c9:3f:7c:20 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.30/24 brd 10.10.10.255 *scope global* eth1
inet6 fe80::96db:c9ff:fe3f:7c20/64 *scope link *
valid_lft forever preferred_lft forever
This works uniformly for both ipv4 and ipv6 addresses (quite nice!)
However, for addresses which are not yet up (which is unfortunately what
you're concerned with), ipv6 link-local addresses take the form
fe80:: -- followed by 64-bits of MAC addresses (48 bit
MACs are padded out)
http://en.wikipedia.org/wiki/Link-local_address
MAC addresses never begin with 4 bytes of zeros, so the regular
expression to match this is pretty straightforward. This isn't a bad
approximation (but could easily be made better):
islinklocal() {
if
echo $1 | grep -i '^fe80::[^:]*:[^:]*:[^:]*:[^:]*$' >/dev/null
then
echo "$1 is link-local"
else
echo "$1 is NOT link-local"
fi
}
On 05/31/2012 12:29 AM, Keisuke MORI wrote:
> I would like to propose an enhancement of IPaddr2 to support IPv6 as
> well as IPv4.
>
> I've submitted this as a pull request #97 but also posting to the ML
> for a wider audience.
>
> I would appreciate your comments and suggestions for merging this into
> the upstream.
>
> ----
> [RFC] IPaddr2: Proposal patch to support the dual stack of IPv4 and IPv6.
> https://github.com/ClusterLabs/resource-agents/pull/97
>
>
> ## Benefits:
>
> * Unify the usage, behavior and the code maintenance between IPv4 and
> IPv6 on Linux.
>
> The usage of IPaddr2 and IPv6addr are similar but they have
> different parameters and different behaviors.
> In particular, they may choose a different interface depending
> on your configuration even if you provided similar parameters
> in the past.
>
> IPv6addr is written in C and rather hard to make improvements.
> As /bin/ip already supports both IPv4 and IPv6, we can share
> the most of the code of IPaddr2 written in bash.
>
> * usable for LVS on IPv6.
>
> IPv6addr does not support lvs_support=true and unfortunately
> there is no possible way to use LVS on IPv6 right now.
>
> IPaddr2(/bin/ip) works for LVS configurations without
> enabling lvs_support both for IPv4 and IPv6.
>
> (You don't have to remove an address on the loopback interface
> if the virtual address is assigned by using /bin/ip.)
>
> See also:
> http://www.gossamer-threads.com/lists/linuxha/dev/76429#76429
>
> * retire the old 'findif' binary.
>
> 'findif' binary is replaced by a shell script version of
> findif, originally developed by lge.
> See findif could be rewritten in shell :
> https://github.com/ClusterLabs/resource-agents/issues/53
>
> * easier support for other pending issues
>
> These pending issues can be fix based on this new IPaddr2.
> * Allow ipv6addr to mark new address as deprecated
> https://github.com/ClusterLabs/resource-agents/issues/68
> * New RA that controls IPv6 address in loopback interface
> https://github.com/ClusterLabs/resource-agents/pull/77
>
>
> ## Notes / Changes:
>
> * findif semantics changes
>
> There are some incompatibility in deciding which interface to
> be used when your configuration is ambiguous. But in reality
> it should not be a problem as long as it's configured properly.
>
> The changes mostly came from fixing a bug in the findif binary
> (returns a wrong broadcast) or merging the difference between
> (old)IPaddr2 and IPv6addr.
> See the ofct test cases for details.
> (case No.6, No.9, No.10, No.12, No.15 in IPaddr2v4 test cases)
>
> Other notable changes are described below.
>
> * "broadcast" parameter for IPv4
>
> "broadcast" parameter may be required along with "cidr_netmask"
> when you want use a different subnet mask from the static IP address.
> It's because doing such calculation is difficult in the shell
> script version of findif.
>
> See the ofct test cases for details.
> (case No.11, No.14, No.16, No.17 in IPaddr2v4 test cases)
>
> This limitation may be eliminated if we would remove
> brd options from the /bin/ip command line.
>
> * loopback(lo) now requires cidr_netmask or broadcast.
>
> See the ofct test case in the IPaddr2 ocft script.
> The reason is similar to the previous one.
>
> * loose error check for "nic" for a IPv6 link-local address.
>
> IPv6addr was able to check this, but in the shell script it is
> hard to determine a link-local address (requires bitmask calculation).
> I do not think it's worth to implement it in shell.
>
> * send_ua: a new binary
>
> We need one new binary as a replacement of send_arp for IPv6 support.
> IPv6addr.c is reused to make this command.
>
>
> Note that IPv6addr RA is still there and you can continue to use
> it for the backward compatibility.
>
>
> ## Acknowledgement
>
> Thanks to Tomo Nozawa-san for his hard work for writing and
> testing this patch.
>
> Thanks to Lars Ellenberg for the first findif.sh implementation.
> ----
>
> Best Regards,
>
[Attachment #5 (text/html)]
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
It's straightforward to determine if an IP address is link-local or
not - for an already configured address.<br>
<br>
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast state UP qlen 1000<br>
link/ether 94:db:c9:3f:7c:20 brd ff:ff:ff:ff:ff:ff<br>
inet 10.10.10.30/24 brd 10.10.10.255 <b>scope global</b> \
eth1<br> inet6 fe80::96db:c9ff:fe3f:7c20/64 <b>scope link \
</b><br> valid_lft forever preferred_lft \
forever<br> <br>
This works uniformly for both ipv4 and ipv6 addresses (quite nice!)<br>
<br>
However, for addresses which are not yet up (which is unfortunately
what you're concerned with), ipv6 link-local addresses take the form<br>
\
fe80:: -- followed by 64-bits of MAC addresses (48 bit MACs are padded out)<br>
<br>
<a class="moz-txt-link-freetext" \
href="http://en.wikipedia.org/wiki/Link-local_address">http://en.wikipedia.org/wiki/Link-local_address</a><br>
<br>
MAC addresses never begin with 4 bytes of zeros, so the regular
expression to match this is pretty straightforward. This isn't a
bad approximation (but could easily be made better):<br>
<br>
islinklocal() {<br>
if<br>
echo $1 | grep -i \
'^fe80::[^:]*:[^:]*:[^:]*:[^:]*$' >/dev/null<br>
then<br>
echo "$1 is link-local"<br>
else<br>
echo "$1 is NOT link-local"<br>
fi<br>
}<br>
<br>
<br>
<br>
<br>
On 05/31/2012 12:29 AM, Keisuke MORI wrote:
<blockquote
cite="mid:CAJM6Fh8m1sig0=TfM90GPesY413JbT22-SMWuXQ7jatBfzz=BA@mail.gmail.com"
type="cite">
<pre wrap="">I would like to propose an enhancement of IPaddr2 to support IPv6 \
as well as IPv4.
I've submitted this as a pull request #97 but also posting to the ML
for a wider audience.
I would appreciate your comments and suggestions for merging this into
the upstream.
----
[RFC] IPaddr2: Proposal patch to support the dual stack of IPv4 and IPv6.
<a class="moz-txt-link-freetext" \
href="https://github.com/ClusterLabs/resource-agents/pull/97">https://github.com/ClusterLabs/resource-agents/pull/97</a>
## Benefits:
* Unify the usage, behavior and the code maintenance between IPv4 and
IPv6 on Linux.
The usage of IPaddr2 and IPv6addr are similar but they have
different parameters and different behaviors.
In particular, they may choose a different interface depending
on your configuration even if you provided similar parameters
in the past.
IPv6addr is written in C and rather hard to make improvements.
As /bin/ip already supports both IPv4 and IPv6, we can share
the most of the code of IPaddr2 written in bash.
* usable for LVS on IPv6.
IPv6addr does not support lvs_support=true and unfortunately
there is no possible way to use LVS on IPv6 right now.
IPaddr2(/bin/ip) works for LVS configurations without
enabling lvs_support both for IPv4 and IPv6.
(You don't have to remove an address on the loopback interface
if the virtual address is assigned by using /bin/ip.)
See also:
<a class="moz-txt-link-freetext" \
href="http://www.gossamer-threads.com/lists/linuxha/dev/76429#76429">http://www.gossamer-threads.com/lists/linuxha/dev/76429#76429</a>
* retire the old 'findif' binary.
'findif' binary is replaced by a shell script version of
findif, originally developed by lge.
See findif could be rewritten in shell :
<a class="moz-txt-link-freetext" \
href="https://github.com/ClusterLabs/resource-agents/issues/53">https://github.com/ClusterLabs/resource-agents/issues/53</a>
* easier support for other pending issues
These pending issues can be fix based on this new IPaddr2.
* Allow ipv6addr to mark new address as deprecated
<a class="moz-txt-link-freetext" \
href="https://github.com/ClusterLabs/resource-agents/issues/68">https://github.com/ClusterLabs/resource-agents/issues/68</a>
* New RA that controls IPv6 address in loopback interface
<a class="moz-txt-link-freetext" \
href="https://github.com/ClusterLabs/resource-agents/pull/77">https://github.com/ClusterLabs/resource-agents/pull/77</a>
## Notes / Changes:
* findif semantics changes
There are some incompatibility in deciding which interface to
be used when your configuration is ambiguous. But in reality
it should not be a problem as long as it's configured properly.
The changes mostly came from fixing a bug in the findif binary
(returns a wrong broadcast) or merging the difference between
(old)IPaddr2 and IPv6addr.
See the ofct test cases for details.
(case No.6, No.9, No.10, No.12, No.15 in IPaddr2v4 test cases)
Other notable changes are described below.
* "broadcast" parameter for IPv4
"broadcast" parameter may be required along with "cidr_netmask"
when you want use a different subnet mask from the static IP address.
It's because doing such calculation is difficult in the shell
script version of findif.
See the ofct test cases for details.
(case No.11, No.14, No.16, No.17 in IPaddr2v4 test cases)
This limitation may be eliminated if we would remove
brd options from the /bin/ip command line.
* loopback(lo) now requires cidr_netmask or broadcast.
See the ofct test case in the IPaddr2 ocft script.
The reason is similar to the previous one.
* loose error check for "nic" for a IPv6 link-local address.
IPv6addr was able to check this, but in the shell script it is
hard to determine a link-local address (requires bitmask calculation).
I do not think it's worth to implement it in shell.
* send_ua: a new binary
We need one new binary as a replacement of send_arp for IPv6 support.
IPv6addr.c is reused to make this command.
Note that IPv6addr RA is still there and you can continue to use
it for the backward compatibility.
## Acknowledgement
Thanks to Tomo Nozawa-san for his hard work for writing and
testing this patch.
Thanks to Lars Ellenberg for the first findif.sh implementation.
----
Best Regards,
</pre>
</blockquote>
<br>
</body>
</html>
_______________________________________________________
Linux-HA-Dev: Linux-HA-Dev@lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic