[CentOS-virt] Issues with routing IPv6 to KVM Guests

Wed Sep 19 23:39:35 UTC 2012
Joe Pruett <joey at q7.com>

On 09/19/2012 04:29 PM, Joe Pruett wrote:
> On 09/14/2012 03:16 PM, David Hackl wrote:
>> IPv6 is enabled. As I said, it works good on the node itself. I can ping 
>> it and also ping out of it.
>>
>
> this is a really annoying bug in the linux bridge code. ipv6 neighbor
> discovery relies on multicast, and the bridge code tries to optimize
> multicast by not treating it as broadcast. but since v6 neighbor
> discovery doesn't use v4 igmp, the bridge code never realizes what
> bridge interfaces should get what multicast packets. the easiest fix is:
>
> echo 2 > /sys/class/net/vif#.#/brport/multicast_router
>
> with the appropriate #.# substituted (or just do them all), which tells
> the bridge code that there is a multicast router on that port and
> therefore it should receive all multicast traffic. i ran into this a few
> months back and had forgotten it again until now. i never found a way to
> make it happen at boot time, or via some script in xen, but i will now
> dive into that hunt again...
>

ah, the memory is going. i did come up with a hacked way to make this
happen for xen vms, so you'd have to find another way to make it happen
for kvm. for xen, there is a script that is called to create the vif
interface, and i just hacked in the echo in there. i had to do it as a
background job with a 5 second delay to get around some timing issue.
and it only works for newly created vms, once a vm has been created, it
remembers the original script name, so suspending and resuming gets you
back to square one, even rebooting from within the guest.

here is the code that was added to the vif-bridge script, just to see
how easy it was:

(sleep 5 ; echo 2 > /sys/class/net/$vif/brport/multicast_router) &