From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 78D0A1FF17A for ; Fri, 18 Jul 2025 10:07:30 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 6F90515664; Fri, 18 Jul 2025 10:08:36 +0200 (CEST) From: Gabriel Goller To: pve-devel@lists.proxmox.com Date: Fri, 18 Jul 2025 10:08:26 +0200 Message-Id: <20250718080826.88560-1-g.goller@proxmox.com> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1752826109235 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.009 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH] fabrics: fix IPv6 section X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" Fix the IPv6 section, now we don't enable IPv6 forwarding anymore, but the user has to manually enable it. Also add some more info on how to do it. When applying the last fabrics series, this patch was missed, so update the old docs to the latest version. Signed-off-by: Gabriel Goller --- pvesdn.adoc | 33 +++++++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/pvesdn.adoc b/pvesdn.adoc index ab3caebd2519..0826b335badc 100644 --- a/pvesdn.adoc +++ b/pvesdn.adoc @@ -575,7 +575,7 @@ Loopback Prefix ^^^^^^^^^^^^^^^ You can specify a CIDR network range (e.g., 192.0.2.0/24) as a loopback prefix -for the fabric. When configured, the system will automatically verify that all +for the fabric. When configured, the system will automatically verify that all router-IDs are contained within this prefix. This ensures consistency in your addressing scheme and helps prevent addressing conflicts or errors. @@ -599,6 +599,28 @@ ensures that traffic originates from the local dummy interface's IP address rather than from the physical interface. This provides consistent routing behavior and proper source address selection throughout the fabric. +[[pvesdn_config_fabrics_ipv6]] +Notes on IPv6 +^^^^^^^^^^^^^ + +IPv6 is currently only usable on OpenFabric fabrics. These IPv6 Fabrics need +global IPv6 forwarding enabled on all nodes contained in the fabric. Without +IPv6 forwarding, non-full-mesh fabrics won't work because the transit nodes +don't forward packets to the outer nodes. Currently there isn't an easy way to +enable IPv6 forwarding per-interface like with IPv4, so it has to be enabled +globally. This can be accomplished by appending this line: + +---- +post-up sysctl -w net.ipv6.conf.all.forwarding=1 +---- + +to a fabric interface in the `/etc/network/interfaces` file. This will enable +IPv6 forwarding globally once that interface comes up. Note that this affects +how your interfaces handle automatic IPv6 setup (SLAAC), Neighbour +Advertisements, Router Solicitations, and Router Advertisements. More details +here: https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt under +`net.ipv6.conf.all.forwarding`. + [[pvesdn_openfabric]] OpenFabric ~~~~~~~~~~ @@ -623,13 +645,8 @@ all router-IDs in the fabric are contained within this prefix. IPv6 Prefix:: IPv6 CIDR network range (e.g., 2001:db8::/64) used to verify that all router-IDs in the fabric are contained within this prefix. -WARNING: This will turn on IPv6 forwarding for all interfaces on all nodes. -IPv6 forwarding doesn't have a per-interface switch, it must be turned on -globally. This affects how your interfaces handle automatic IPv6 setup (SLAAC), -Neighbour Advertisements, Router Solicitations, and Router Advertisements. More -details here: -https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt under -`net.ipv6.conf.all.forwarding`. +WARNING: For IPv6 fabrics to work, global forwarding needs to be enabled on all +nodes. Check xref:pvesdn_config_fabrics_ipv6[Notes on IPv6] for how to do it and additional info. Hello Interval:: Controls how frequently (in seconds) hello packets are sent to discover and maintain connections with neighboring nodes. Lower values detect -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel