IPv6 ::1 isolation

Eugen Leitl eugen at leitl.org
Sat Jul 30 13:05:07 CEST 2011 

Will the lack of real ::1 in a virtual server guest
be a serious problem, or will I be able to survive
by allocating a /64 to the physical host, and suitable
subnets (octet-aligned, presumably) to the guests?

----- Forwarded message from Herbert Poetzl <herbert at 13thfloor.at> -----

From: Herbert Poetzl <herbert at 13thfloor.at>
Date: Thu, 28 Jul 2011 14:56:41 +0200
To: vserver at list.linux-vserver.org
Cc: Eugen Leitl <eugen at leitl.org>, Ghislain <gadnet at aqueos.com>,
	Ed W <lists at wildgooses.com>, Roman Vesely <roman at liten.cz>
Subject: IPv6 ::1 isolation
User-Agent: Mutt/1.5.11


IPv6 ::1 isolation is considered the equivalent to
the currently implemented 127.x.y.1 lback (re)mapping
which allows multiple guests to use isolated 127.0.0.1
by mapping 127.0.0.1 to a placeholder IP (127.x.y.1)
and back so that services can bind to separate addresses
this is done in a transparent way so that the guest
always sees 127.0.0.1

a similar approach with certain dedicated IPv6 ips
should (at least in theory) provide the equivalent
for IPv6 (good candidates come from the IPv4 mapped
range, the link local fe80::/10, and the unique
local fc00::/7 range)

the basic mapping (forward and backward), the kernel
interface changes (to support setting the IPv6 lback)
and the necessary changes to generate the auto lback
will roughly take 25-35 hours of work, including basic
testing

of course, testing done by folks actually using IPv6
(I'm still using IPv4 for almost everything) would
be necessary to iron out issues, but I guess that will
be gladly provided by the interested parties :)

I can work at a hourly rate of 50 EUR for this specific
project (excluding taxes) and provide an invoice.

there are no guarantees that this will actually work
but all code checks and discussions done with IPv6
folks so far make me believe that it will just work
like the IPv4 lback isolation.

pleas use this thread to coordinate if you want this
feature to be implemented (target kernel is 3.0 unless
the overwhelming majority wants a different branch)

many thanks in advance,
Herbert

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the ipv6-ops mailing list