705e67d40b
This patch adds the capability for virtual guests to do IPv6 communication via a virtual network interface with no IPv6 (gateway) addresses specified. This capability has always been enabled by default for IPv4, but disabled for IPv6 because of security concerns, and because it requires the ip6tables command to be operational (which isn't the case on a system with the ipv6 module completely disabled). This patch adds a new attribute "ipv6" at the top level of a <network> object. If ipv6='yes', the extra ip6tables rules required to permit inter-guest communications are added when the network is started. If it is 'no', or not present, those rules will not be added; thus the default behavior doesn't change, so there should be no compatibility issues with any existing installations. Note that virtual guests cannot communicate with the virtualization host via this interface, because the following kernel tunable has been set: net.ipv6.conf.<bridge_interface_name>.disable_ipv6 = 1 This ensures that the bridge interface will not have an IPv6 link-local (fe80::) address. To control this behavior so that it is not enabled by default, the parameter ipv6='yes' on the <network> statement has been added. Documentation related to this patch has been updated. The network schema has also been updated.
<?xml version="1.0"?>
<!-- Relax NG schema describing the libvirt network XML format.
     Named patterns that are referenced but not defined in this file
     (UUID, deviceName, ipAddr, bandwidth, ...) are expected to come from
     the two included grammars below. -->
<grammar xmlns="http://relaxng.org/ns/structure/1.0"
         datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">

  <start>
    <ref name="network"/>
  </start>

  <include href="basictypes.rng"/>
  <include href="networkcommon.rng"/>

  <define name="network">
    <element name="network">

      <!-- Optional unsigned counter attribute on the network itself -->
      <optional>
        <attribute name="connections"><data type="unsignedInt"/></attribute>
      </optional>

      <!-- Opt-in switch for IPv6 guest-to-guest communication on a
           network that has no gateway addresses specified.  Only the
           literal values "yes" and "no" validate; because the attribute
           is optional, a document that omits it is also valid, and
           omission is meant to behave like "no". -->
      <optional>
        <attribute name="ipv6">
          <choice>
            <value>yes</value>
            <value>no</value>
          </choice>
        </attribute>
      </optional>

      <!-- The child elements below may appear in any order -->
      <interleave>

        <!-- Network name, used to refer to the network through the API
             and in virsh.  The schema accepts any text here; it places
             no limit on length or characters, so any such restriction
             has to be enforced by the consumer of the document. -->
        <element name="name">
          <text/>
        </element>

        <!-- <uuid> element -->
        <optional>
          <element name="uuid">
            <ref name="UUID"/>
          </element>
        </optional>

        <!-- <bridge> element: the bridge device that backs the network
             on the host.  All three attributes are optional. -->
        <optional>
          <element name="bridge">
            <optional>
              <attribute name="name"><ref name="deviceName"/></attribute>
            </optional>

            <optional>
              <attribute name="stp">
                <choice>
                  <value>on</value>
                  <value>off</value>
                </choice>
              </attribute>
            </optional>

            <!-- NOTE(review): "integer" also admits negative values,
                 unlike the unsignedInt used for "connections"; confirm
                 whether a negative delay is meant to validate. -->
            <optional>
              <attribute name="delay"><data type="integer"/></attribute>
            </optional>
          </element>
        </optional>

        <!-- <mac> element: a single address attribute, no content -->
        <optional>
          <element name="mac">
            <attribute name="address"><ref name="uniMacAddr"/></attribute>
            <empty/>
          </element>
        </optional>

        <!-- <forward> element: the device through which the bridge is
             connected to the rest of the network, and the forwarding
             mode used for it -->
        <optional>
          <element name="forward">
            <optional>
              <attribute name="dev"><ref name="deviceName"/></attribute>
            </optional>

            <optional>
              <attribute name="mode">
                <choice>
                  <value>nat</value>
                  <value>route</value>
                  <value>bridge</value>
                  <value>passthrough</value>
                  <value>private</value>
                  <value>vepa</value>
                  <value>hostdev</value>
                </choice>
              </attribute>
            </optional>

            <optional>
              <attribute name="managed">
                <choice>
                  <value>yes</value>
                  <value>no</value>
                </choice>
              </attribute>
            </optional>

            <!-- Either a list of <interface dev="..."/> entries or a
                 list of PCI <address> entries (the two kinds cannot be
                 mixed), plus at most one <pf> element, in any order -->
            <interleave>
              <choice>
                <group>
                  <zeroOrMore>
                    <element name="interface">
                      <attribute name="dev"><ref name="deviceName"/></attribute>
                      <optional>
                        <attribute name="connections"><data type="unsignedInt"/></attribute>
                      </optional>
                    </element>
                  </zeroOrMore>
                </group>
                <group>
                  <zeroOrMore>
                    <element name="address">
                      <attribute name="type">
                        <value>pci</value>
                      </attribute>
                      <ref name="pciaddress"/>
                      <optional>
                        <attribute name="connections"><data type="unsignedInt"/></attribute>
                      </optional>
                    </element>
                  </zeroOrMore>
                </group>
              </choice>
              <optional>
                <element name="pf">
                  <attribute name="dev"><ref name="deviceName"/></attribute>
                </element>
              </optional>
            </interleave>
          </element>
        </optional>

        <!-- <virtualport> element -->
        <optional>
          <ref name="virtualPortProfile"/>
        </optional>

        <!-- <portgroup> elements: a required name, an optional
             "default" flag, and optional virtualport, bandwidth and
             vlan settings in any order -->
        <zeroOrMore>
          <element name="portgroup">
            <attribute name="name"><ref name="deviceName"/></attribute>
            <optional>
              <attribute name="default">
                <choice>
                  <value>yes</value>
                  <value>no</value>
                </choice>
              </attribute>
            </optional>
            <interleave>
              <optional>
                <ref name="virtualPortProfile"/>
              </optional>
              <optional>
                <ref name="bandwidth"/>
              </optional>
              <optional>
                <ref name="vlan"/>
              </optional>
            </interleave>
          </element>
        </zeroOrMore>

        <!-- <domain> element -->
        <optional>
          <element name="domain">
            <attribute name="name"><ref name="dnsName"/></attribute>
          </element>
        </optional>

        <!-- <dns> element: TXT records, SRV records and static host
             entries.  The record kinds are not interleaved, so they
             must appear in the order txt, srv, host. -->
        <optional>
          <element name="dns">
            <!-- The TXT value is unconstrained text -->
            <zeroOrMore>
              <element name="txt">
                <attribute name="name"><ref name="dnsName"/></attribute>
                <attribute name="value"><text/></attribute>
              </element>
            </zeroOrMore>

            <!-- "service" and "target" are unconstrained text.
                 NOTE(review): domain, target, port, priority and weight
                 share a single <optional>, so the schema accepts them
                 only as a complete set or not at all; confirm that this
                 matches what the parser accepts. -->
            <zeroOrMore>
              <element name="srv">
                <attribute name="service"><text/></attribute>
                <attribute name="protocol"><ref name="protocol"/></attribute>
                <optional>
                  <attribute name="domain"><ref name="dnsName"/></attribute>
                  <attribute name="target"><text/></attribute>
                  <attribute name="port"><ref name="unsignedShort"/></attribute>
                  <attribute name="priority"><ref name="unsignedShort"/></attribute>
                  <attribute name="weight"><ref name="unsignedShort"/></attribute>
                </optional>
              </element>
            </zeroOrMore>

            <!-- Static host entries: the ip attribute uses the
                 ipv4Addr type, and at least one hostname is required -->
            <zeroOrMore>
              <element name="host">
                <attribute name="ip"><ref name="ipv4Addr"/></attribute>
                <oneOrMore>
                  <element name="hostname">
                    <ref name="dnsName"/>
                  </element>
                </oneOrMore>
              </element>
            </zeroOrMore>
          </element>
        </optional>

        <optional>
          <ref name="bandwidth"/>
        </optional>

        <optional>
          <ref name="vlan"/>
        </optional>

        <!-- <link> element: state is required and is "up" or "down" -->
        <optional>
          <element name="link">
            <attribute name="state">
              <choice>
                <value>up</value>
                <value>down</value>
              </choice>
            </attribute>
            <empty/>
          </element>
        </optional>

        <!-- <ip> element: sets up NAT'ing and an optional DHCP server
             local to the host.  It may be repeated or left out
             entirely.  The address attribute uses the general ipAddr
             type; the size is given either as an IPv4-style netmask or
             as a prefix, never both. -->
        <zeroOrMore>
          <element name="ip">
            <optional>
              <attribute name="address"><ref name="ipAddr"/></attribute>
            </optional>
            <optional>
              <choice>
                <attribute name="netmask"><ref name="ipv4Addr"/></attribute>
                <attribute name="prefix"><ref name="ipPrefix"/></attribute>
              </choice>
            </optional>
            <optional>
              <attribute name="family"><ref name="addr-family"/></attribute>
            </optional>

            <!-- NOTE(review): the TFTP root is unconstrained text,
                 whereas bootp/@file below uses the filePath type;
                 confirm whether the root should be typed the same way. -->
            <optional>
              <element name="tftp">
                <attribute name="root"><text/></attribute>
              </element>
            </optional>

            <!-- <dhcp> element: the range(s) of addresses the DHCP
                 server should hand out, static host assignments, and an
                 optional bootp entry.  Ranges and static host
                 addresses use the ipv4Addr type in this schema. -->
            <optional>
              <element name="dhcp">
                <zeroOrMore>
                  <element name="range">
                    <attribute name="start"><ref name="ipv4Addr"/></attribute>
                    <attribute name="end"><ref name="ipv4Addr"/></attribute>
                  </element>
                </zeroOrMore>
                <!-- mac, name and ip are all required; the host name
                     is unconstrained text -->
                <zeroOrMore>
                  <element name="host">
                    <attribute name="mac"><ref name="uniMacAddr"/></attribute>
                    <attribute name="name"><text/></attribute>
                    <attribute name="ip"><ref name="ipv4Addr"/></attribute>
                  </element>
                </zeroOrMore>
                <optional>
                  <element name="bootp">
                    <attribute name="file"><ref name="filePath"/></attribute>
                    <optional>
                      <attribute name="server"><ref name="dnsName"/></attribute>
                    </optional>
                  </element>
                </optional>
              </element>
            </optional>
          </element>
        </zeroOrMore>

      </interleave>
    </element>
  </define>
</grammar>