Bug 1639087 - Incompatibility between libvirt-created ipv6 networks and systemd-networkd-managed network interfaces
Summary: Incompatibility between libvirt-created ipv6 networks and systemd-networkd-ma...
Keywords:
Status: NEW
Alias: None
Product: Virtualization Tools
Classification: Community
Component: libvirt
Version: unspecified
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Libvirt Maintainers
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-10-15 03:35 UTC by Ben Swartzlander
Modified: 2020-05-05 21:33 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Ben Swartzlander 2018-10-15 03:35:56 UTC
Description of problem: A safety check in libvirt for ipv6 networks is making a bad assumption and preventing me from starting networks altogether.

Example log message (from libvirtd):

Oct 14 23:03:44 bahamut libvirtd[456]: 2018-10-15 03:03:44.952+0000: 479: error : virNetDevIPCheckIPv6Forwarding:632 : internal error: Check the host setup: enabling IPv6 forwarding with RA routes without accept_ra set to 2 is likely to cause routes loss. Interfaces to look at: vlan3

Example error message from virt-manager (when trying to start a network):

Error starting network 'dev-net': internal error: Check the host setup: enabling IPv6 forwarding with RA routes without accept_ra set to 2 is likely to cause routes loss. Interfaces to look at: vlan3

Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/asyncjob.py", line 89, in cb_wrapper
    callback(asyncjob, *args, **kwargs)
  File "/usr/share/virt-manager/virtManager/asyncjob.py", line 125, in tmpcb
    callback(*args, **kwargs)
  File "/usr/share/virt-manager/virtManager/libvirtobject.py", line 82, in newfn
    ret = fn(self, *args, **kwargs)
  File "/usr/share/virt-manager/virtManager/network.py", line 81, in start
    self._backend.create()
  File "/usr/lib/python2.7/dist-packages/libvirt.py", line 2892, in create
    if ret == -1: raise libvirtError ('virNetworkCreate() failed', net=self)
libvirtError: internal error: Check the host setup: enabling IPv6 forwarding with RA routes without accept_ra set to 2 is likely to cause routes loss. Interfaces to look at: vlan3


Version-Release number of selected component (if applicable):
4.7.0

How reproducible:
100%

Steps to Reproduce:
1. Install Archlinux (or any other distro that uses systemd-networkd)
2. Install libvirt
3. Configure a network interface with DHCP=yes in systemd-networkd
4. Create a network in libvirt with ipv6 enabled

Actual results:

Libvirt fails to start the network with the above error message(s)

Expected results:

Network starts up like usual

Additional info:

What's going in is that systemd-networkd never sets accept_ra=2 on any network interface. It either leaves accept_ra at the default value, or it sets it to zero, because systemd-networkd handles router advertisements in userspace rather than in the kernel. Libvirt seems to assume that the kernel is handling router advertisements which is simply incorrect. The relevant line of code in systemd is here:

https://github.com/systemd/systemd/blob/2aab8a1e04a7b11f256318e4c9289a67c36a7d01/src/network/networkd-link.c#L2524

Here is the commit that explains what systemd-networkd is doing w.r.t. handling of router advertisements:

https://github.com/systemd/systemd/commit/3b015d40c19d9338b66bf916d84dec601019c811

I think that libvirt is trying to be helpful, but there's no way to disable the helpfulness here and it's actually hurting me because I can't create networks.


Note You need to log in before you can comment on or make changes to this bug.