On 09/19/2012 04:29 PM, Joe Pruett wrote:
On 09/14/2012 03:16 PM, David Hackl wrote:
IPv6 is enabled. As I said, it works good on the node itself. I can ping it and also ping out of it.
this is a really annoying bug in the linux bridge code. ipv6 neighbor discovery relies on multicast, and the bridge code tries to optimize multicast by not treating it as broadcast. but since v6 neighbor discovery doesn't use v4 igmp, the bridge code never realizes what bridge interfaces should get what multicast packets. the easiest fix is:
echo 2 > /sys/class/net/vif#.#/brport/multicast_router
with the appropriate #.# substituted (or just do them all), which tells the bridge code that there is a multicast router on that port and therefore it should receive all multicast traffic. i ran into this a few months back and had forgotten it again until now. i never found a way to make it happen at boot time, or via some script in xen, but i will now dive into that hunt again...
ah, the memory is going. i did come up with a hacked way to make this happen for xen vms, so you'd have to find another way to make it happen for kvm. for xen, there is a script that is called to create the vif interface, and i just hacked in the echo in there. i had to do it as a background job with a 5 second delay to get around some timing issue. and it only works for newly created vms, once a vm has been created, it remembers the original script name, so suspending and resuming gets you back to square one, even rebooting from within the guest.
here is the code that was added to the vif-bridge script, just to see how easy it was:
(sleep 5 ; echo 2 > /sys/class/net/$vif/brport/multicast_router) &