HOWTO: XEN en ipv6 chez Online.net

Tout ca en mode routé, car c'est le mode privilégié sur le réseau Online.net

Sur la dom0:

Configuration réseau de la dom0 (/etc/network/interfaces):

iface eth0 inet6 static
        address 2001:AAA:BBBB:CCC::
        accept_ra 2
        netmask 56
        pre-up dhclient -cf /etc/dhcp/dhclient6.conf -pf /run/dhclient6.eth0.pid -6 -P eth0
        pre-down dhclient -x -pf /run/dhclient6.eth0.pid

Fichier de configuration dhcp ( /etc/dhcp/dhclient6.conf ) :

interface "eth0" {
    send dhcp6.client-id [replace with DUID];
# si on veut récupérer les DNS ipv6
#    request domain-name-servers;
# si on veut récupérer le domaine ipv6
#    request domain-name;
    request;
}

Le script XEN compatible ipv6 ( /etc/xen/scripts/vif-route-ip6 ):

#!/bin/bash
#============================================================================
# /etc/xen/vif-route-ip6
#
# Script for configuring a vif in routed mode.
# The hotplugging system will call this script if it is specified either in
# the device configuration given to Xend, or the default Xend configuration
# in /etc/xen/xend-config.sxp.  If the script is specified in neither of those
# places, then vif-bridge is the default.
#
# Usage:
# vif-route (add|remove|online|offline)
#
# Environment vars:
# vif         vif interface name (required).
# XENBUS_PATH path to this device's details in the XenStore (required).
#
# Read from the store:
# ip      list of IP networks for the vif, space-separated (default given in
#         this script). IPv6 should also work.
#============================================================================

#debug
exec 2>&1
echo "#### $0 $@ at `date` ####"
set -x

dir=$(dirname "$0")
. "$dir/vif-common.sh"

ip6_of()
{
	ip -6 addr show "$1" | perl -wane '/scope global/ && /inet6 (([0-9a-f]+:*)+)/ && print $1;'
}

ip6sub_of()
{
	ip -6 addr show "$1" | perl -wane '/scope global/ && /inet6 (([0-9a-f]+:*)+\/([0-9]+)+)/ && print $1;'
}

mac_of()
{
	ifconfig "$1" | perl -wane '/HWaddr (([0-9a-f]+:*)+)/ && print $1;'
}

dom0_ip6()
{
  local nd=${netdev:-eth0}
  local result=$(ip6_of "$nd")
  if [ -z "$result" ]
  then
	""
  else
	echo "$result"
  fi
}

dom0_ip6sub()
{
  local nd=${netdev:-eth0}
  local result=$(ip6sub_of "$nd")
  if [ -z "$result" ]
  then
	""
  else
	echo "$result"
  fi
}

is_ipv6()
{
	echo "$1" | perl -wane '/:/ && print "yes"'
}

inet_ipv6_of()
{
	echo "$1" | perl -wane '/(([0-9a-f]+:*)+)/ && print $1;'
}


main_ip=$(dom0_ip)
main_ip6=$(dom0_ip6)
main_ip6sub=$(dom0_ip6sub)

case "$command" in
    online)
	log info "[vif-route] online request, ip ${ip} with main_ip ${main_ip} and main_ip6 ${main_ip6} for ${dev}."
        ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up
	if [ ! -z "${main_ip6}" ]; then
        ifconfig eth0 promisc
		ip -6 addr add ${main_ip6sub} dev ${dev}
		echo 1 >/proc/sys/net/ipv6/conf/${dev}/proxy_ndp
        # cannot define per device forwarding in ipv6
		echo 1 >/proc/sys/net/ipv6/conf/all/forwarding
	fi
        echo 1 >/proc/sys/net/ipv4/conf/${dev}/proxy_arp
        ipcmd='add'
        cmdprefix=''
        ;;
    offline)
        do_without_error ifdown ${dev}
        ipcmd='del'
        cmdprefix='do_without_error'
        ;;
esac

if [ "${ip}" ] ; then
    # If we've been given a list of IP addresses, then add routes from dom0 to
    # the guest using those addresses.
    for addr in ${ip} ; do
	result=$(is_ipv6 "${addr}")
	if [ -z "${result}" ] ; then
		log info "[vif-route] Manage (${ipcmd}) IPv4 address ${addr} with src ${main_ip} for $dev."
	      result=`${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} src ${main_ip} 2>&1`
		log info "[vif-route] Result: ${result}"
	else
        inet_addr=$(inet_ipv6_of "${addr}")

		log info "[vif-route] Manage (${ipcmd}) IPv6 address ${addr} with src ${main_ip6} for $dev."
	      result=`${cmdprefix} ip -6 route ${ipcmd} ${addr} dev ${dev} 2>&1`
		log info "[vif-route] Result: ${result}"

		log info "[vif-route] Manage (${ipcmd}) IPv6 proxy ${inet_addr} on ${netdev:-eth0}."
	      result=`${cmdprefix} ip -6 neigh ${ipcmd} proxy ${inet_addr} dev ${netdev:-eth0} 2>&1`
	      result=`${cmdprefix} ip -6 neigh ${ipcmd} proxy ${main_ip6} dev ${dev} 2>&1`
		log info "[vif-route] Result: ${result}"


#   proxy_ndp is deprecated. Shall be managed another way. Maybe like below: neighbor permanent defs ?
#		log info "[vif-route] Manage (${ipcmd}) IPv6 neighbor ${inet_addr} on ${netdev:-eth0}."
#        if [ "${ipcmd}" = "add" ] ; then
#            mac=$(xenstore_read_default "$XENBUS_PATH/mac" "")
#            mainmac=$(mac_of "${netdev:-eth0}")

#	        #result=`${cmdprefix} ip -6 neighbor ${ipcmd} ${inet_addr} lladdr ${mac} dev ${netdev:-eth0} 2>&1`
#	        result=`${cmdprefix} ip -6 neighbor ${ipcmd} ${main_ip6} lladdr ${mainmac} dev ${dev} 2>&1`
#        else
#            #result=`${cmdprefix} ip -6 neighbor ${ipcmd} ${inet_addr} dev ${netdev:-eth0} 2>&1`
#            result=`${cmdprefix} ip -6 neighbor ${ipcmd} ${main_ip6} dev ${dev} 2>&1`
#        fi
#		log info "[vif-route] Result: ${result}"

	fi
    done 
fi

handle_iptable

log debug "Successful vif-route $command for $dev."
if [ "$command" = "online" ]
then
  success
fi

A ajouter dans les fichiers de création/config des domU:

vif = ['script=vif-route-ip6,mac=[MAC],ip=[ip4] [ip6 including subnet],vifname=veth0' ]		# replace with DomU's IPs, MAC and IPv6 including subnet => 2001:AAAA:BBB:DDD::/64

Sur les domU ( /etc/network/interfaces ):

iface eth0 inet6 static
        address  2001:AAA:BBBB:DDD::
        netmask 64
        accept_ra 0
# a tester avec la delegation routeurs... mais des doutes
#       pre-up dhclient -cf /etc/dhcp/dhclient6.conf -pf /run/dhclient6.eth0.pid -6 -P eth0
#       pre-down dhclient -x -pf /run/dhclient6.eth0.pid
        pre-up echo 0 > /proc/sys/net/ipv6/conf/eth0/autoconf
        up ip -6 route add 2001:AAA:BBBB:CCC::/ dev eth0
        up ip -6 route add default via 2001:AAA:BBBB:CCC::