Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Introduction

Abiquo supports IPv6 networking in the Abiquo UI and API.

Users can create Abiquo private, public, external and unmanaged IPv6 networks via GUI and API.

In the GUI, cloud users will be able to use IPv6 networks in the same way as IPv4 networks are used. Addresses will be listed and selected through the GUI.

If you wish to use Abiquo (and a DHCPv6 server) to assign addresses, IPv6 will require one DHCPv6 server for each datacenter. This means that each datacenter needs a remote services with both an IPv4 and IPv6 DHCP server running. The DHCP and DHCPv6 servers may be running on the same machine.

The implementation covers any valid IPv6 address format (short or long). It also covers the creation of IP addresses with most of the transitional IPv6 technologies: IPv4-mapped, IPv4-compatible, Teredo and ISATAP. This first version has limitations on the number of IPv6 NICs per virtual machine.

Full implementation diagram: ipv6.png

Use Cases of Abiquo IPv6

There are two main use cases for IPv6 in Abiquo: Automatic generation of IPv6 address and Manual entry of IPv6 address. These two use cases are distinguished in Abiquo by the strict parameter. When strict = true, Abiquo enforces EUI-64 IP address generation. 

 Strict NetworksAbiquo automatically generates IPv6 address
Description
  • Abiquo can automatically generate the host-specific part of the IP to the EUI-64 standard
  • Abiquo uses the MAC of the virtual machine to automatically generate the Host ID
    • When the MAC is not yet available from the hypervisor (prior to deploy of public and external networks), Abiquo supplies a placeholder IP
      • The placeholder IP:
        • displays as a question mark "?"
        • will be replaced with a real IP when the virtual machine is deployed
Strict network?Network parameter strict = true
Router advertisement
system
  • You must always configure the network in the router advertisement system for all IPv6 network types
    • Unmanaged networks will usually receive their IPv6 addresses from the router advertisement system
    • Public, external and private strict networks can also receive stateless IPv6 addresses from this system based on their MACs
      • the DHCP server is not required, because Abiquo will generate and display the same IP addresses as the router advertisement system
DHCPv6
  • In general, DHCPv6 is required to supply DNS information to the virtual machines
  • DHCPv6 can be used to supply IPv6 addresses to the virtual machines
  • The addresses generated by the router advertisement system from the MACs of the virtual machines should be the same as those generated by DHCPv6
    • When a router advertisement system is used to assign the IPv6 address, the correct addresses should still be displayed in Abiquo
Placeholder IPs
  • EUI-64 requires the MAC from the hypervisor
    • A placeholder IP is used until the MAC is provided by the hypervisor at deploy time
      • The placeholder IP is represented by a "?"
 Non-strict NetworksUser may manually enter IPv6 address
Description
  • You can manually enter an IPv6 address in Abiquo
    • This address must be valid for the IPv6 network
  • Cloud users can select from these IPv6 addresses when configuring their virtual machines
Strict network?Network parameter strict = false
Router advertisement
system
  • You must always configure the network in the router advertisement system for all IPv6 network types
DHCPv6
  • DHCPv6 service is required to supply IPv6 addresses and DNS information to the virtual machines
  • DHCPv6-ready templates are required:
    • Windows: configure DUID in registry
    • Unix: configure dhcpv6 client and firewall/security
  • The DHCPv6 service can assign static addresses
    • 1 x IPv6 address to a Windows virtual machine
    • Multiple IPv6 addresses to a Unix virtual machine with appropriate template configuration 
Automatic IPv6
generation
is also supported
  • Abiquo can also automatically generate an IPv6 address for non-strict private, public and external networks
    • If the MAC is available, generate an IPv6 address in EUI-64 format
    • If the MAC is not available, (prior to deploy in external or public networks), generate a random IPv6 address

A basic sample configuration for testing the Manual IP entry use case is available from Abiquo Support.

Preparation for Abiquo IPv6

Router Advertisement System for All Networks

When you create networks in Abiquo, you must configure the networks in your router advertisement system. For unmanaged networks, you would usually configure your virtual machines to receive their IP addresses from this system.

In effect, with strict networks where the allocation of EUI64 addresses is enforced, the addresses that will be assigned by the router advertisement system based on the MAC are predictable. So the address generated and displayed in Abiquo should be the same as the one allocated by the router advertisement system. This means that the DHCP is not necessary for strict networks

DHCP v6 Service

When you create a standard Abiquo datacenter, a DHCPv6 service is automatically added. This service is required for IPv6 networks. 


Note that in strict networks the addresses assigned by the router advertisement system based on the MAC are predictable. So the address generated and displayed in Abiquo should be the same as the one allocated by the router advertisement system.

Change DHCP v6

You can change the DHCPv6 remote service via the GUI or via the API. First delete the existing service, then use the GUI or an API request similar to the one below to add a new DHCPv6 server. Note that the remote service type is "DHCPv6".

 Click here to show or hide the request example
curl --verbose -X POST -u admin:xabiquo -H "Content-type: application/vnd.abiquo.remoteservice+json" \
     http://example.com/api/admin/datacenters/1/remoteservices \
     -d '{
  "status": 1, 
  "type": "DHCPv6", 
  "uri": "omapi://dhcpv6.example.com:7911"
}'

 

Configure VM Templates to Use DHCPv6

Under IPv6, configure your virtual machine templates to use DHCPv6. First delete any existing DUID information from the templates as you would any other network or VM-specific information. 

Configure your templates so that your virtual machines will run the DHCPv6 client to retrieve the assigned IP address. Note that with a suitable configuration of the DUID of the virtual machine template, more than one NIC with an IPv6 address can be assigned to a Linux virtual machine. But only one NIC with an IPv6 address can be assigned to a Windows virtual machine.

Configure Windows DUID

 If you are using a Windows template, configure the DUID in the registry.

Configure CentOS Security

If you are using a CentOS 5 or CentOS 6 virtual machine template, remember to correctly configure SELinux and IP tables to ensure connectivity.

Create an IPv6 Network using the UI

Go to the Public or External Networks tab of your datacenter or the Private networks tab of your virtual datacenter to create an IPv6 network.

See Manage Public NetworksManage External NetworksManage Unmanaged Networks and Manage Private Networks for more information.

Create an IPv6 Network using the API

See Use the API to Manage IPv6 Networks

IPv6 Technical Notes

IPv6 Functionality Diagram

For a full Abiquo IPv6 functionality diagram see ipv6.png (use open in new window or tab to view with enlargement). Note that although the diagram shows that the unmanaged network details are written to the leases file on the DHCPv6 server if it is available, the DHCPv6 server is not required for unmanaged networks.

ULA Private Networks

An Abiquo private network uses a ULA (Unique Local Address) network. This is a pseudo-random address created from local MAC and time (NTP). This network can be configured with subnet masks of /48, /56, and /64. It is assumed to be unique. See http://tools.ietf.org/html/rfc4193.

Unmanaged Networks in IPv6

When you deploy a virtual machine in an unmanaged network, Abiquo generates an IP for the virtual machine. These IPs are registered in the Abiquo database and the DHCPv6 server as assigned to the virtual machine. However, Abiquo does not actually assign the IPs to the virtual machine. The IPs generated in this manner should be the same as the actual IPs obtained by the machines, because they are EUI64 IPs, based on the same network prefix and MAC address. This process enables Abiquo to display the IPs of virtual machines on unmanaged networks in the Abiquo GUI.

Limitation on Number of IP Addresses Received via DHCP

Non-standard DHCPv6 Leases

For functional reasons, the Abiquo DHCPv6 leases are non-standard under IPv6. Abiquo cannot guess the DUID of the virtual machine, so the leases are written using the MAC. There are differences in the Hardware Ethernet and Fixed Address values. A NIC is identified by the hardware ethernet field, which in Abiquo is the MAC address. For functional reasons, the fixed address in Abiquo is the IPv6 address represented as a series of 4 IPv4 addresses. 

Limit of One IPv6 Address in Windows

Windows virtual machine templates can only receive one IP address through DHCPv6 because the virtual machines are identified by the MAC in the leases file.

More than One IPv6 Address in Unix

Modify the template to dynamically generate a DUID using a predictable method of DUID is equal to MAC. This means the template must generate the DUID of the DHCPv6 client with the method "DUID Based on Link-layer Address [DUID-LL]", to enable the Unix virtual machines to receive more than one IP address through DHCPv6.

  • No labels

Copyright © 2006-2024, Abiquo Holdings SL. All rights reserved