We currently use the IPv4 Link-Local CIDR (169.254.0.0/16) for communication from the hypervisor to any System VM running on that hypervisor.
For this the hypervisor configures the cloud0 bridge.
```
11: cloud0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether fe:00:a9:fe:fe:3b brd ff:ff:ff:ff:ff:ff
    inet 169.254.240.1/16 scope global cloud0
       valid_lft forever preferred_lft forever
    inet6 fe80::1880:57ff:fe0f:f670/64 scope link
       valid_lft forever preferred_lft forever
```
Within the System VM you would then see:
```
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 0e:00:a9:fe:fe:3b brd ff:ff:ff:ff:ff:ff
    altname enp0s4
    altname ens4
    inet 169.254.254.59/20 brd 169.254.255.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::c00:a9ff:fefe:fe3b/64 scope link
```
This IPv4 CIDR is not specific to the scope of that interface, which means it could be routed over the network if not configured properly.
The CloudStack Management server and KVM Agent code now contain logic to generate a unique IPv4 address for each VM to make sure they are unique zone-wide.
We can use the IPv6 Link-Local address to communicate with the System VMs. This would simplify code and remove the need for these 169.X.X addresses, along with their generation, selection and configuration.
When the eth1 interface is started within the SSVM it will generate an IPv6 address based on the MAC address:
```
MAC: 0e:00:a9:fe:fe:3b
Address: fe80::c00:a9ff:fefe:fe3b
```
This issue is here for reference just to make sure it's tracked.
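
The MAC-to-address derivation described above, as an added example (not CloudStack code). It assumes the System VM generates its link-local address with modified EUI-64 (RFC 4291) rather than stable-privacy interface identifiers; the function names and the use of `cloud0` as the zone identifier on the hypervisor side are assumptions.

```python
import ipaddress
import re

MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}")
IFACE_RE = re.compile(r"[A-Za-z0-9_.-]{1,15}")  # Linux interface name limit
LINK_LOCAL = ipaddress.IPv6Network("fe80::/64")


def eui64_link_local(mac: str) -> ipaddress.IPv6Address:
    """Derive the modified EUI-64 link-local address for a unicast MAC."""
    if not MAC_RE.fullmatch(mac):
        raise ValueError(f"not a colon-separated MAC address: {mac!r}")
    o = bytes.fromhex(mac.replace(":", ""))
    if o[0] & 0x01:
        raise ValueError("group (multicast) MAC cannot identify an interface")
    # Flip the universal/local bit and insert ff:fe between the two MAC halves.
    iid = bytes([o[0] ^ 0x02]) + o[1:3] + b"\xff\xfe" + o[3:]
    return LINK_LOCAL.network_address + int.from_bytes(iid, "big")


def scoped_target(mac: str, interface: str) -> str:
    """Return addr%zone: a link-local address is only usable with its interface."""
    if not IFACE_RE.fullmatch(interface):
        raise ValueError(f"invalid interface name: {interface!r}")
    return f"{eui64_link_local(mac)}%{interface}"


def matches_mac(observed: str, mac: str) -> bool:
    """Check that an observed address is the EUI-64 link-local for this MAC."""
    addr = ipaddress.IPv6Address(observed.split("%", 1)[0])  # drop any zone id
    return addr in LINK_LOCAL and addr == eui64_link_local(mac)


if __name__ == "__main__":
    ssvm_mac = "0e:00:a9:fe:fe:3b"  # eth1 MAC from the output above
    print(eui64_link_local(ssvm_mac))
    print(scoped_target(ssvm_mac, "cloud0"))
    print(matches_mac("fe80::c00:a9ff:fefe:fe3b%cloud0", ssvm_mac))
```

Because the address is only meaningful together with an interface, the hypervisor has to name the bridge explicitly when connecting, which is what keeps this traffic from being routed off the link.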