bb-Ricardo / netbox-sync

Sync objects from VMware or redfish sources to NetBox
MIT License

Primary IPv6 not set for dualstack VMware VM using SLAAC #394

Open yaiqsa opened 1 month ago

yaiqsa commented 1 month ago

Hi there,

This is my current environment:

Netbox: v3.7.6
Netbox-sync: Current master (3b361336d1fd8d63455f396b421b1ff4d564856f)
VMware: vCenter 8.0.2

These Netbox-sync settings seemed relevant:

set_primary_ip = when-undefined
permitted_subnets = 0.0.0.0/0, ::/0

I'm running across a problem with my dual-stack VMs. They have one vNIC, which has one IPv4 address, and one SLAAC IPv6 address. These addresses are both picked up by Netbox-sync. However, while the IPv4 address is automatically set as Primary address for the VM, the Primary IPv6 field remains empty.

The funny thing I noticed is that 'statically' configured IPv6 addresses seem to work normally (and are set as Primary IPv6), but SLAAC addresses don't.

Is this by design, or can it be fixed?

Thank you in advance

bb-Ricardo commented 1 month ago

Hi,

this is intentional as you would have otherwise your NetBox instance filled with link local addresses: https://github.com/bb-Ricardo/netbox-sync/blob/3b361336d1fd8d63455f396b421b1ff4d564856f/module/sources/common/permitted_subnets.py#L96-L102

yaiqsa commented 1 month ago

I agree that most people wouldn't want their instance filled up with link local addresses, but there is a pretty significant difference between a link local address, and a (global unicast) SLAAC address right?

( Link local addresses are in the fe80::/10 prefix, SLAAC addresses are normal ::/128 publicly routable addresses, which are just automatically provisioned by the gateway, instead of manually configured on the host. In that way SLAAC serves a similar purpose to DHCP )

bb-Ricardo commented 1 month ago

Would you be able to run netbox-sync with the -l DEBUG2 option and post the relevant part of output here? A GUA is not a link local address and therefore should be included in the sync (as long as the address is part of a network defined in permitted_subnets)

yaiqsa commented 1 month ago

Of course! I have redacted the addresses and names quite a bit, but the logs should still paint the correct picture.

2024-05-30 13:24:07,039 - DEBUG2: Found default IPv4 gateway 192.168.0.1
2024-05-30 13:24:07,039 - DEBUG2: Found default IPv6 gateway fe80::111:1ff:fe11:11
2024-05-30 13:24:07,039 - DEBUG2: Parsing device VirtualVmxnet3: 22:22:22:22:22:22
2024-05-30 13:24:07,042 - DEBUG: IP address 'fe80::2022:22ff:fe22:2222/64' for vNIC 1 (my-vlan) is a link local address. Skipping.
2024-05-30 13:24:07,043 - DEBUG2: Trying to find a virtual machine based on the collected name, cluster, IP and MAC addresses
2024-05-30 13:24:07,080 - DEBUG2: Found a exact matching virtual machine object: my-vm (my-cluster)
2024-05-30 13:24:07,080 - DEBUG2: Found a matching virtual machine object: my-vm (my-cluster)
2024-05-30 13:24:07,080 - DEBUG2: Parsing 'virtual machine' data structure: my-vm
2024-05-30 13:24:07,080 - DEBUG2: Parsing 'site' data structure: My Site
2024-05-30 13:24:07,081 - DEBUG2: Parsing 'platform' data structure: Ubuntu Linux (64-bit)
2024-05-30 13:24:07,083 - DEBUG2: Parsing 'Virtual Disk' data structure: Hard disk 1
2024-05-30 13:24:07,083 - DEBUG2: Trying to match current object interfaces in NetBox with discovered interfaces
2024-05-30 13:24:07,086 - DEBUG2: Found '1' NICs in NetBox for 'my-vm'
2024-05-30 13:24:07,086 - DEBUG2: Found 1:1 name match for NIC 'vNIC 1 (my-vlan)'
2024-05-30 13:24:07,087 - DEBUG2: Parsing 'virtual machine interface' data structure: vNIC 1 (my-vlan) (my-vm)
2024-05-30 13:24:07,087 - DEBUG2: Trying to find prefix for IP: 192.168.0.10/24
2024-05-30 13:24:07,089 - DEBUG2: Found IP '192.168.0.10/24' matches site 'My Site' prefix '192.168.0.0/24'
2024-05-30 13:24:07,097 - DEBUG2: Found existing NetBox IP address object: 192.168.0.10/24
2024-05-30 13:24:07,097 - DEBUG2: Parsing 'IP address' data structure: 192.168.0.10/24
2024-05-30 13:24:07,097 - DEBUG2: Trying to find prefix for IP: 2001:db8:1::2022:22ff:fe22:2222/64
2024-05-30 13:24:07,099 - DEBUG2: Found IP '2001:db8:1::2022:22ff:fe22:2222/64' matches site 'My Site' prefix '2001:db8:1::/64'
2024-05-30 13:24:07,109 - DEBUG2: Found existing NetBox IP address object: 2001:db8:1::2022:22ff:fe22:2222/64
2024-05-30 13:24:07,110 - DEBUG2: Parsing 'IP address' data structure: 2001:db8:1::2022:22ff:fe22:2222/64
2024-05-30 13:24:07,115 - DEBUG2: Found matching prefix VLAN 2 (My Site) for untagged interface VLAN.
2024-05-30 13:24:07,115 - DEBUG2: Parsing 'virtual machine interface' data structure: vNIC 1 (my-vlan) (my-vm)

One thing that I didn't really realize before: Found default IPv6 gateway fe80::111:1ff:fe11:11.

This is accurate, sort of. In the IPv6 routing table on the host, the router's link-local address is the default gateway. I tried to find information about this online, but couldn't quickly find anything more authoritative than this stack-exchange comment:

Yes, all networks on a link have the gateway set to the router's link-local address. That is how IPv6 RAs (Router Advertisements) work, so all networks advertised on the link are in the RAs, and all use the router's link-local address as the gateway.

Reading this, I'm afraid it might be a matter of taste whether my 2001:db8:1::2022:22ff:fe22:2222 address should be regarded as a primary IP address.. I would like it to be though 😅

bb-Ricardo commented 1 month ago

Great, thank you for the output.

This narrows down the issue. If you have more than one IPv6 GUA, then there is no real way to decide which one to pick as the primary one.

What do you think?

yaiqsa commented 1 month ago

Hmm, I've just read through RFC 6724 looking for a generic answer, but there isn't really one when you don't have a destination address.

I think the problem here is that there isn't always one primary address when talking about IPv6, because of its design taking multiple addresses into account.

I think there are two easy options:

bb-Ricardo commented 1 month ago

I thought about your second suggestion already and think this would be an option. Just needs some special "IPv6" case changes.

Will probably do that.
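The two points raised in this thread, that a link-local fe80::/10 address is not the same thing as a SLAAC-derived global unicast address, and that a host with several IPv6 GUAs has no single obvious primary address, can be made concrete with a small address classifier. The following is an added Python example written for this discussion; it is not netbox-sync's code. The MAC and addresses are constructed to mirror the redacted log output above, and the EUI-64 check only recognises the classic SLAAC case (RFC 4291 Appendix A); hosts using RFC 7217 stable or RFC 4941 temporary identifiers produce GUAs that this check will simply report as "global".

```python
import ipaddress
from typing import Dict, List, Optional

# Constructed sample data modelled on the redacted DEBUG2 log in this thread.
SAMPLE_MAC = "22:22:22:22:22:22"
SAMPLE_ADDRESSES = [
    "192.168.0.10/24",
    "fe80::2022:22ff:fe22:2222/64",          # link-local, derived from the MAC
    "2001:db8:1::2022:22ff:fe22:2222/64",    # GUA with the same EUI-64 IID (SLAAC)
    "2001:db8:1::10/64",                     # a second, manually configured GUA
]
PERMITTED_SUBNETS = ["0.0.0.0/0", "::/0"]    # same values as the reporter's config


def eui64_interface_id(mac: str) -> int:
    """Modified EUI-64 interface identifier for a 48-bit MAC (RFC 4291, App. A):
    flip the universal/local bit of the first octet and insert ff:fe in the middle."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("not a 48-bit MAC: %r" % mac)
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:6]
    return int.from_bytes(eui, "big")


def classify(address: str, mac: Optional[str] = None) -> str:
    """Return 'ipv4', 'link-local', 'slaac-eui64' or 'global' for one address/prefix."""
    ip = ipaddress.ip_interface(address).ip
    if ip.version == 4:
        return "ipv4"
    if ip.is_link_local:                      # fe80::/10
        return "link-local"
    # Low 64 bits of the address are the interface identifier.
    if mac is not None and (int(ip) & ((1 << 64) - 1)) == eui64_interface_id(mac):
        return "slaac-eui64"
    return "global"


def is_permitted(address: str, permitted: List[str]) -> bool:
    """True if the address falls inside any configured permitted subnet.
    Membership across address families is False, so '::/0' never admits IPv4."""
    ip = ipaddress.ip_interface(address).ip
    return any(ip in ipaddress.ip_network(p, strict=False) for p in permitted)


def primary_candidates(addresses: List[str], permitted: List[str],
                       mac: Optional[str] = None) -> Dict[int, List[str]]:
    """Per address family, the addresses that survive the link-local filter and the
    permitted_subnets check. More than one IPv6 entry means there is no unambiguous
    primary IPv6 address to pick automatically."""
    out: Dict[int, List[str]] = {4: [], 6: []}
    for a in addresses:
        if classify(a, mac) == "link-local" or not is_permitted(a, permitted):
            continue
        out[ipaddress.ip_interface(a).version].append(a)
    return out


if __name__ == "__main__":
    for a in SAMPLE_ADDRESSES:
        print("%-40s %s" % (a, classify(a, SAMPLE_MAC)))
    cands = primary_candidates(SAMPLE_ADDRESSES, PERMITTED_SUBNETS, SAMPLE_MAC)
    for fam, addrs in cands.items():
        status = "unambiguous" if len(addrs) == 1 else "ambiguous (%d)" % len(addrs)
        print("IPv%d primary candidates: %s -> %s" % (fam, addrs, status))
```

Run against the sample data, the link-local address is dropped, the SLAAC GUA is recognised as derived from the vNIC's MAC, and IPv4 has exactly one candidate while IPv6 has two, which is the situation bb-Ricardo describes: once a second GUA exists, tooling has to pick by some rule (for example, prefer the EUI-64 address, or the first match) rather than infer a primary from the addressing alone.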

yaiqsa commented 1 month ago

Awesome, thank you for your time already 👍🏻