vm startup removes current ipv6 settings

[ctradmin]

Hi there,

im trying to use ipv6 only HVs, cause we are running low on ipv4 addresses.
so the problem is when is start one vm which is using the same vlan here 102 the ipv6 configuration gets flushed from the kernel.

auto lo
iface lo inet loopback

auto bond0
iface bond0 inet manual
        bond_mode 802.3ad
        bond_miimon 100
        bond_downdelay 200
        bond_updelay 200
        bond_slaves eth0 eth1
        bond_xmit_hash_policy layer3+4
        bond_lacp_rate fast

auto vmbr0
iface vmbr0 inet static
        bridge_ports bond0
        bridge_stp off
        bridge_fd 0
        address 0.0.0.0

auto bond0.102
        iface bond0.102 inet manual
        vlan-raw-device bond0

auto bond0.605
        iface bond0.605 inet manual
        vlan-raw-device bond0

auto vmbr0v605
iface vmbr0v605 inet static
        bridge_ports bond0.605
        bridge_stp off
        bridge_fd 0
        address 10.200.200.11
        netmask 255.255.255.0

auto vmbr0v102
iface vmbr0v102 inet6 static
        bridge_ports bond0.102
        bridge_stp off
        bridge_fd 0
        address 2a00:6140:102:31::1
        netmask 48
        gateway 2a00:6140:102::1

Before:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 0c:c4:7a:e2:6d:90 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 0c:c4:7a:e2:6d:91 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
7: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::225:90ff:fe77:4262/64 scope link
       valid_lft forever preferred_lft forever
9: bond0.605@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0v605 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
10: vmbr0v605: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
    inet 10.200.200.11/24 brd 10.200.200.255 scope global vmbr0v605
       valid_lft forever preferred_lft forever
32: vmbr0v102: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
    inet6 2a00:6140:102:31::1/48 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::225:90ff:fe77:4262/64 scope link
       valid_lft forever preferred_lft forever
33: bond0.102@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu

After:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 0c:c4:7a:e2:6d:90 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 0c:c4:7a:e2:6d:91 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
7: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::225:90ff:fe77:4262/64 scope link
       valid_lft forever preferred_lft forever
9: bond0.605@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0v605 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
10: vmbr0v605: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
    inet 10.200.200.11/24 brd 10.200.200.255 scope global vmbr0v605
       valid_lft forever preferred_lft forever
32: vmbr0v102: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
33: bond0.102@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0v102 state UP group default qlen 1000
    link/ether 00:25:90:77:42:62 brd ff:ff:ff:ff:ff:ff
34: tap101i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr0v102 state UNKNOWN group default qlen 1000
    link/ether aa:2a:d1:b4:2e:9f brd ff:ff:ff:ff:ff:ff
35: tap101i1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr0v605 state UNKNOWN group default qlen 1000
    link/ether 9a:95:4e:14:d0:ba brd ff:ff:ff:ff:ff:ff

is there something that i missing?
​

 

[ctradmin]

so today i have tracked it down to

Without VM:

root@rs0601:~# for ip in $(find /proc/sys/net/ipv6/conf/ -name disable_ipv6); do echo -n "$ip   "; cat $ip; done
/proc/sys/net/ipv6/conf/all/disable_ipv6   0
/proc/sys/net/ipv6/conf/bond0/disable_ipv6   1
/proc/sys/net/ipv6/conf/bond0.102/disable_ipv6   1
/proc/sys/net/ipv6/conf/bond0.605/disable_ipv6   1
/proc/sys/net/ipv6/conf/default/disable_ipv6   0
/proc/sys/net/ipv6/conf/eth0/disable_ipv6   0
/proc/sys/net/ipv6/conf/eth1/disable_ipv6   0
/proc/sys/net/ipv6/conf/eth2/disable_ipv6   0
/proc/sys/net/ipv6/conf/eth3/disable_ipv6   0
/proc/sys/net/ipv6/conf/lo/disable_ipv6   0
/proc/sys/net/ipv6/conf/tun0/disable_ipv6   0
/proc/sys/net/ipv6/conf/vmbr0/disable_ipv6   0
/proc/sys/net/ipv6/conf/vmbr0v102/disable_ipv6   0
/proc/sys/net/ipv6/conf/vmbr0v605/disable_ipv6   0

With VM:

root@rs0601:~# ip -6 addr add 2a00:6140:102:31::1/48 dev vmbr0v102
RTNETLINK answers: Permission denied

root@rs0601:~# for ip in $(find /proc/sys/net/ipv6/conf/ -name disable_ipv6); do echo -n "$ip   "; cat $ip; done
/proc/sys/net/ipv6/conf/all/disable_ipv6   0
/proc/sys/net/ipv6/conf/bond0/disable_ipv6   1
/proc/sys/net/ipv6/conf/bond0.102/disable_ipv6   1
/proc/sys/net/ipv6/conf/bond0.605/disable_ipv6   1
/proc/sys/net/ipv6/conf/default/disable_ipv6   0
/proc/sys/net/ipv6/conf/eth0/disable_ipv6   0
/proc/sys/net/ipv6/conf/eth1/disable_ipv6   0
/proc/sys/net/ipv6/conf/eth2/disable_ipv6   0
/proc/sys/net/ipv6/conf/eth3/disable_ipv6   0
/proc/sys/net/ipv6/conf/lo/disable_ipv6   0
/proc/sys/net/ipv6/conf/tap100i0/disable_ipv6   1
/proc/sys/net/ipv6/conf/tun0/disable_ipv6   0
/proc/sys/net/ipv6/conf/vmbr0/disable_ipv6   0
/proc/sys/net/ipv6/conf/vmbr0v102/disable_ipv6   1
/proc/sys/net/ipv6/conf/vmbr0v605/disable_ipv6   0

so something is disabling it
when i manually fixing it it works. until the Next VM starts with vlan 102

root@rs0601:~# echo 0 > /proc/sys/net/ipv6/conf/vmbr0v102/disable_ipv6
root@rs0601:~# ip -6 addr add 2a00:6140:102:31::1/48 dev vmbr0v102
root@rs0601:~# ip -d route add default via 2a00:6140:102::1

 

[fabian]

posting the same problem in three places makes it kind of hard to keep track, anyway

this is intentional: https://git.proxmox.com/?p=pve-common.git;a=commit;h=f3ccd9b4b9bad4c762c63ef144600c4e7016640f

you are naming your bridges like PVE names the ones it creates for bridges without vlan-filtering, so PVE thinks those are "ours" to do as we please. misusing internal implementation details (like the naming and behaviour of autogenerated bridges) is not guaranteed to work forever. I suggest moving your bridges into the name space where they belong (/vmbr\d+/).

 

[ctradmin]

so i have changed the name spaces like https://pve.proxmox.com/wiki/Network_Model#Naming_Conventions

auto lo
iface lo inet loopback

auto bond0
iface bond0 inet manual
        bond_mode 802.3ad
        bond_miimon 100
        bond_downdelay 200
        bond_updelay 200
        bond_slaves eth2 eth3
        bond_xmit_hash_policy layer3+4
        bond_lacp_rate fast

auto vmbr0
iface vmbr0 inet static
        bridge_ports bond0
        vlan-raw-device bond0
        bridge_stp off
        bridge_fd 0
        address 0.0.0.0

auto vmbr102
iface vmbr102 inet6 static
        bridge_ports bond0.102
        vlan-raw-device bond0
        bridge_stp off
        bridge_fd 0
        address 2a00:6140:102:31::1
        netmask 48
        gateway 2a00:6140:102::1

auto vmbr605
iface vmbr605 inet static
        bridge_ports bond0.605
        vlan-raw-device bond0
        bridge_stp off
        bridge_fd 0
        address 10.200.200.11
        netmask 255.255.255.0

but now i cant start the VMs because

interface bond0.102 already exist in bridge vmbr102
kvm: -netdev type=tap,id=net0,ifname=tap100i0,script=/var/lib/qemu-server/pve-bridge,downscript=/var/lib/qemu-server/pve-bridgedown,vhost=on: network script /var/lib/qemu-server/pve-bridge failed with status 6400
TASK ERROR: start failed: command '/usr/bin/kvm -id 100 -chardev 'socket,id=qmp,path=/var/run/qemu-server/100.qmp,server,nowait' -mon 'chardev=qmp,mode=control' -pidfile /var/run/qemu-server/100.pid -daemonize -smbios 'type=1,uuid=005d130e-2930-4981-8a6c-fbb1fb9cb289' -name xv10145 -smp '2,sockets=1,cores=2,maxcpus=2' -nodefaults -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' -vga cirrus -vnc unix:/var/run/qemu-server/100.vnc,x509,password -cpu kvm64,+lahf_lm,+sep,+kvm_pv_unhalt,+kvm_pv_eoi,enforce -m 2048 -k de -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' -device 'usb-tablet,id=tablet,bus=uhci.0,port=1' -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3' -drive 'if=none,id=drive-ide2,media=cdrom,aio=threads' -device 'ide-cd,bus=ide.1,unit=0,drive=drive-ide2,id=ide2,bootindex=200' -device 'virtio-scsi-pci,id=scsihw0,bus=pci.0,addr=0x5' -drive 'file=rbd:pool-327866/vm-100-disk-1:mon_host=10.200.200.201;10.200.200.202;10.200.200.203:id=admin:auth_supported=cephx:keyring=/etc/pve/priv/ceph/ceph-327866.keyring,if=none,id=drive-scsi0,format=raw,cache=none,aio=native,detect-zeroes=on' -device 'scsi-hd,bus=scsihw0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0,id=scsi0,bootindex=100' -netdev 'type=tap,id=net0,ifname=tap100i0,script=/var/lib/qemu-server/pve-bridge,downscript=/var/lib/qemu-server/pve-bridgedown,vhost=on' -device 'virtio-net-pci,mac=12:94:22:C3:33:AB,netdev=net0,bus=pci.0,addr=0x12,id=net0,bootindex=300'' failed: exit code 1

currently i belive that is not possible to run the hv and the vm in the same vlan without wasting more hardware NICs and keep vlan tagging for the GUI working with one central bridge

 

[fabian]

maybe I am misunderstanding something, but the following works here (without disabling ipv6 on the bridges):

# cat /etc/network/interfaces
auto lo
iface lo inet loopback

iface ens21 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.XX.YY
        netmask 255.255.240.0
        gateway 192.168.XX.ZZ
        bridge_ports ens21
        bridge_stp off
        bridge_fd 0

iface ens18 inet manual

iface ens19 inet manual

iface ens20 inet manual

auto bond0
iface bond0 inet manual
        bond_mode 802.3ad
        bond_miimon 100
        bond_downdelay 200
        bond_updelay 200
        bond_slaves ens18 ens19
        bond_xmit_hash_policy layer3+4
        bond_lacp_rate fast

auto vmbr102
iface vmbr102 inet6 static
        bridge_ports bond0.102
        vlan-raw-device bond0
        bridge_stp off
        bridge_fd 0
        address 2a00:6140:102:31::1
        netmask 48
        gateway 2a00:6140:102::1

auto vmbr605
iface vmbr605 inet static
        bridge_ports bond0.605
        vlan-raw-device bond0
        bridge_stp off
        bridge_fd 0
        address 10.200.200.11
        netmask 255.255.255.0

before:

# ip l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens18: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
3: ens21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP mode DEFAULT group default qlen 1000
    link/ether 56:ab:e4:f3:bd:aa brd ff:ff:ff:ff:ff:ff
4: ens20: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether ea:f7:38:18:11:fe brd ff:ff:ff:ff:ff:ff
5: ens19: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
6: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 56:ab:e4:f3:bd:aa brd ff:ff:ff:ff:ff:ff
7: bond0: <NO-CARRIER,BROADCAST,MULTICAST,MASTER,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
8: bond0.102@bond0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master vmbr102 state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
9: vmbr102: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
10: vmbr605: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
11: bond0.605@bond0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master vmbr605 state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens18: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
3: ens21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
    link/ether 56:ab:e4:f3:bd:aa brd ff:ff:ff:ff:ff:ff
4: ens20: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether ea:f7:38:18:11:fe brd ff:ff:ff:ff:ff:ff
5: ens19: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
6: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 56:ab:e4:f3:bd:aa brd ff:ff:ff:ff:ff:ff
    inet 192.168.31.13/20 brd 192.168.31.255 scope global vmbr0
       valid_lft forever preferred_lft forever
    inet6 fe80::54ab:e4ff:fef3:bdaa/64 scope link
       valid_lft forever preferred_lft forever
7: bond0: <NO-CARRIER,BROADCAST,MULTICAST,MASTER,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
8: bond0.102@bond0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master vmbr102 state LOWERLAYERDOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
9: vmbr102: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
    inet6 2a00:6140:102:31::1/48 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::3815:61ff:feb4:d832/64 scope link
       valid_lft forever preferred_lft forever
10: vmbr605: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
    inet 10.200.200.11/24 brd 10.200.200.255 scope global vmbr605
       valid_lft forever preferred_lft forever
11: bond0.605@bond0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master vmbr605 state LOWERLAYERDOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff

/proc/sys/net/ipv6/conf/all/disable_ipv6: 0
/proc/sys/net/ipv6/conf/bond0.102/disable_ipv6: 1
/proc/sys/net/ipv6/conf/bond0.605/disable_ipv6: 1
/proc/sys/net/ipv6/conf/bond0/disable_ipv6: 1
/proc/sys/net/ipv6/conf/default/disable_ipv6: 0
/proc/sys/net/ipv6/conf/ens18/disable_ipv6: 0
/proc/sys/net/ipv6/conf/ens19/disable_ipv6: 0
/proc/sys/net/ipv6/conf/ens20/disable_ipv6: 0
/proc/sys/net/ipv6/conf/ens21/disable_ipv6: 1
/proc/sys/net/ipv6/conf/lo/disable_ipv6: 0
/proc/sys/net/ipv6/conf/vmbr0/disable_ipv6: 0
/proc/sys/net/ipv6/conf/vmbr102/disable_ipv6: 0
/proc/sys/net/ipv6/conf/vmbr605/disable_ipv6: 0

relevant config:

# qm config 100 | grep net0
net0: virtio=66:C9:E9:A1:A9:87,bridge=vmbr102

# qm start 100
# qm list
      VMID NAME                 STATUS     MEM(MB)    BOOTDISK(GB) PID
       100 VM 100               running    512                1.00 3904

after:

root@pve:~# ip l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens18: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
3: ens21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP mode DEFAULT group default qlen 1000
    link/ether 56:ab:e4:f3:bd:aa brd ff:ff:ff:ff:ff:ff
4: ens20: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether ea:f7:38:18:11:fe brd ff:ff:ff:ff:ff:ff
5: ens19: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
6: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 56:ab:e4:f3:bd:aa brd ff:ff:ff:ff:ff:ff
7: bond0: <NO-CARRIER,BROADCAST,MULTICAST,MASTER,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
8: bond0.102@bond0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master vmbr102 state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
9: vmbr102: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
10: vmbr605: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
11: bond0.605@bond0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master vmbr605 state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
12: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr102 state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether de:0f:89:e0:dc:ba brd ff:ff:ff:ff:ff:ff

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens18: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
3: ens21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
    link/ether 56:ab:e4:f3:bd:aa brd ff:ff:ff:ff:ff:ff
4: ens20: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether ea:f7:38:18:11:fe brd ff:ff:ff:ff:ff:ff
5: ens19: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
6: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 56:ab:e4:f3:bd:aa brd ff:ff:ff:ff:ff:ff
    inet 192.168.31.13/20 brd 192.168.31.255 scope global vmbr0
       valid_lft forever preferred_lft forever
    inet6 fe80::54ab:e4ff:fef3:bdaa/64 scope link
       valid_lft forever preferred_lft forever
7: bond0: <NO-CARRIER,BROADCAST,MULTICAST,MASTER,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
8: bond0.102@bond0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master vmbr102 state LOWERLAYERDOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
9: vmbr102: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
    inet6 2a00:6140:102:31::1/48 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::3815:61ff:feb4:d832/64 scope link
       valid_lft forever preferred_lft forever
10: vmbr605: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
    inet 10.200.200.11/24 brd 10.200.200.255 scope global vmbr605
       valid_lft forever preferred_lft forever
11: bond0.605@bond0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master vmbr605 state LOWERLAYERDOWN group default qlen 1000
    link/ether 3a:15:61:b4:d8:32 brd ff:ff:ff:ff:ff:ff
12: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr102 state UNKNOWN group default qlen 1000
    link/ether de:0f:89:e0:dc:ba brd ff:ff:ff:ff:ff:ff

disable_ipv6 is identical on all the previously existing interfaces.

 

[ctradmin]

so i better explain it a litte bit more

we have here a huge deployment/monitoring and cloud system where we have determined that every vm belongs to vmbr0 + vlantag
with your configuration i need to make an exception for the vlans that were used by the hv.
or i create for every vlan i use one bridge but that sound like a lot of work

after messing around with tap devices i have read this: http://virt.kernelnewbies.org/MacVTap
i have created a own virtual adapter and added to the bridge so i only need one vmbr0 and havent to switch the bridge in the vm config

auto lo
iface lo inet loopback

# basic bond
auto bond0
iface bond0 inet manual
        bond_mode 802.3ad
        bond_miimon 100
        bond_downdelay 200
        bond_updelay 200
        bond_slaves eth0 eth1
        bond_xmit_hash_policy layer3+4
        bond_lacp_rate fast

# we need this to start the vms
auto vmbr0
iface vmbr0 inet static
        bridge_ports bond0
        bridge_stp off
        bridge_fd 0
        address 0.0.0.0

# we need this at boot to add the hv0 device
auto vmbr0v102
iface vmbr0v102 inet static
        bridge_ports bond0.102
        bridge_stp off
        bridge_fd 0
        address 0.0.0.0

# adds a virtual hv0 adapter to pve bridge
auto hv0
iface hv0 inet6 static
        pre-up ip link add link vmbr0v102 name hv0 type macvtap
        pre-up ip link set hv0 address 1a:46:0b:ca:bc:7b up
        post-down ip link del dev hv0
        address 2a00:cdba:102:31::1/48
        gateway 2a00:cdba:102::1

hopefully you proxmox guys wont break that to in the future i will request this or an alternative solution whats working like this as a feature so where can i do this?

 

[fabian]

so i better explain it a litte bit more

we have here a huge deployment/monitoring and cloud system where we have determined that every vm belongs to vmbr0 + vlantag
with your configuration i need to make an exception for the vlans that were used by the hv.
or i create for every vlan i use one bridge but that sound like a lot of work

after messing around with tap devices i have read this: http://virt.kernelnewbies.org/MacVTap
i have created a own virtual adapter and added to the bridge so i only need one vmbr0 and havent to switch the bridge in the vm config

auto lo
iface lo inet loopback

# basic bond
auto bond0
iface bond0 inet manual
        bond_mode 802.3ad
        bond_miimon 100
        bond_downdelay 200
        bond_updelay 200
        bond_slaves eth0 eth1
        bond_xmit_hash_policy layer3+4
        bond_lacp_rate fast

# we need this to start the vms
auto vmbr0
iface vmbr0 inet static
        bridge_ports bond0
        bridge_stp off
        bridge_fd 0
        address 0.0.0.0

# we need this at boot to add the hv0 device
auto vmbr0v102
iface vmbr0v102 inet static
        bridge_ports bond0.102
        bridge_stp off
        bridge_fd 0
        address 0.0.0.0

# adds a virtual hv0 adapter to pve bridge
auto hv0
iface hv0 inet6 static
        pre-up ip link add link vmbr0v102 name hv0 type macvtap
        pre-up ip link set hv0 address 1a:46:0b:ca:bc:7b up
        post-down ip link del dev hv0
        address 2a00:cdba:102:31::1/48
        gateway 2a00:cdba:102::1

hopefully you proxmox guys wont break that to in the future i will request this or an alternative solution whats working like this as a feature so where can i do this?

https://bugzilla.proxmox.com is the place for feature requests. if you want to discuss concrete implementation details or proposals, pve-devel@pve.proxmox.com probably reaches a wider audience of developers.