Page History

...

When a Instance boots it sends out a Router Solicitation and it gets the information from both routers. This is done by the Network Stack of the Instance and is supported by all major Operating Systems.

Using DHCPv6 the Instances will obtain their IPv6 address. We can not use SLAAC (Stateless Autoconfiguration) the host generates a IPv6 address based on its MAC address. As CloudStack we know what the address is going to be.

In CloudStack we configured the /64 we have on the Layer 2 network and since CloudStack also generates the MAC address we can calculate which IPv6 address the Instance gets.

RFC4862: https://tools.ietf.org/html/rfc4862

as certain Operating Systems (like Windows) do not use the MAC address of the network card for calculating their SLAAC address.

CloudStack picks a random IPv6 address out of the /64 and stores that with the Instance.

This address This is then programmed into the Security Groups. By default we allow:

• The Link-Local Address
• The Address generated by SLAACIPv6 address handed out by DHCPv6.
• ICMPv6

ICMP is a essential part of IPv6. Blocking ICMP will break IPv6.

A route table on the Instance might look like this:

...

The Instance now has a single /128 address, but we also want to route a subnet to the Instance.

The Instance can now use a DHCPv6 Client again to ask for prefix delegation. It does NOT need to request an address, it just needs a Prefix to be delegated to it.

An example dhcp6c.conf:

interface eth0 {
 send ia-pd 1;

 send ia-na 1;

 request domain-name-servers;
 request domain-name;
};

...