What is still not working in an IPv6 only (mesh network) setup

hevisko

Renowned Member
Nov 15, 2012
63
6
73
In this thread I'd like to put all the things that still is not working 100% for a pure IPv6 deployment of a Proxmox PVE cluster (Typically in a mesh type setup). I miss a Wiki page so want to use this as that in the mean time - well.. I do push some IPv6 envelopes ;)

I'd like to add the work arounds and tickets (especially the upstream related tickets) if appropriate.

Note: I believe that a single stand-alone PVE node (especially home setup and all storage directly attached) with IPv6 only should work without issues, but the problems starts when you added the rest of the networking that things start to break in strange ways.

To be aware( Mesh related issues):
  • Corosync in a mesh had problems circa 8.3.5 with flooding the logs
    • issue with kronosnet(sp?) warning on packets arriving on "wrong" physical interface while the IPs are bound to the loopback interfaces and routed accordingly
    • PVE fix at since 8.4.0(?), upstream to still fix
  • FRR's (10.3.1 last checked) IS-IS doesn't yet work with unnumbered IPv4 interfaces
    • IPv6 routes are working and propagated
    • IPv4 routes aren't "imported" as there is no IPv4 "destination" next-hop
    • Rather use OpenFabric - assumption P2P links-only
    • when you need to use it (typically LAN/multiple IS-IS neighbours/peers in the interface) assign IPv4 IP... any IP, and just a /32 will suffice - typically I assign/add the loopback IPv4 to those interfaces and it'll work

"Broken" with IPv6

  • ifupdown2
    • VxLAN endpoints do not support IPv6
      • Linux kernel and iproute2 do support it
      • ifupdown2 needs a release 3.10.0 or later (last I checked 3.9.x release tag was still not working)
      • There are patches out there to add functionality, but PVE was awaiting upstream Debian which sorta is neededing ifupdown2 to release 3.10.0 to be able to add the right version/release tag
      • Work around: add the IPv4 end points for VxLAN (typically the loopback IPs) remote peers
    • creation of virtual-endpoint SOURCE-IP selects IPv6 hostname lookup and ifupdown2 fails on this
      • issue seems to be that when you have the host lookup always returning a IPv6 IP (Which I "require" for remote access and diverse IPv6 only stuff that works with IPv6 only)
      • Logged a ticket to request a local-ip to force the source for these.
      • this also has impact with EVPN related
    • FRR (at least till 10.3.1) L2VPN EVPN does not yet support IPv6 VTEPs
      • routing/nht fills in the router-id and not the ultimate IPv6 destination.
      • tickets or FRR to support IPv6 VTEPs in L2VNP EVPN being worked on - PR raised, but does not include required topotests/docs to be accepted

    Please let me know if there are others I've not yet triggered/found
 
Last edited: