Arch Linux

talija

Member

Registered: 2021-11-01

Posts: 3

[SOLVED] systemd-networkd token defined IPv6 via macvtap not working

Edit: This appears to no longer be an issue when last checked with systemd 253.1-3

I have a real weird issue with ipv6, macvtaps, and kvm virtual network interfaces.  The servers have multiple virtual interfaces, each interface has its own ip.  I am trying to use macvtaps for their networking, which works fine on one vm, with all the ips binding correctly to all the interfaces, each of which currently has its own macvtap (i have also tried all of the interfaces of one macvtap without different results).  The macvtaps are connected to a VLAN which goes out through the Ethernet.

On the other identical vm, on the same host, it is unable to send from the correct interface except for the first interface.  Subsequent interfaces will send ipv6 from one interface lower (traffic from the ip assigned to enp8s0 is being sent from enp7s0, and enp7s0's traffic is coming out enp1s0, but the traffic from enp1s0 works normal).  I can see the traffic being sent from the wrong interface with tcpdump, but don't know why.  All the interface IPv4 addresses work correctly and are reachable from outside the local network.  I am using systemd-networkd for my network configuration.

Host Ethernet:

[Match]
Name=enp0s25

[Link]
RequiredForOnline=true

[Network]
Description=Bare metal interface for virtual devices
IPv6AcceptRA=false
DHCP=no
MACVLAN=macvlan1
MACVTAP=macvtap2
VLAN=vlan2

Host VLAN (.netdev):

[NetDev]
Name=vlan2
Kind=vlan

[VLAN]
Id=2

Host VLAN {.network)

[Match]
Name=vlan2

[Network]
Description=blocks vilan51 interface from getting an ip address
DHCP=no
AcceptIPv6RA=false
LinkLocalAddressing=no
MACVTAP=macvtap2

Host macvtap (.netdev):

[NetDev]
Description=macvtap2 - tap 2 on vlan 2 for vm usage
Name=macvtap2
Kind=macvtap

[MACVTAP]
Mode=bridge

Host macvtap (.network):

[Match]
Name=macvtap2

[Network]
Description=macvtap2 on vlan 2 for vm usage no L3 addressing
DHCP=no
IPv6AcceptRA=false
LinkLocalAddressing=no

Guest virtual Ethernet (via macvtap2):

[Match]
Name=enp1s0

[Network]
DNS=(dns server)
DNS=(dns server)
Domains=(domain)
IPv6AcceptRA=true

[Address]
Address=(ipv4 address)

[Route]
Gateway=(gateway ipv4 address)

[Route]
Gateway=_ipv6ra

[IPv6AcceptRA]
Token=static:(token)

All the different interfaces are configured identically.

From what I can see on the firewall, when I try and ping from one of the IPs, the echo is sent and the router tries to solicit the neighbor, which it can't do because the ip doesn't exist on the interface that sent it, and the other interface isn't sending traffic.  The VM is able to see the neighbor solicitations and router advertisements fine so inbound traffic is working okay.

I haven't tried this with a bridge yet, I may do that to see if it persists.

Last edited by talija (2023-04-04 23:01:55)

talija

Member

Registered: 2021-11-01

Posts: 3

Re: [SOLVED] systemd-networkd token defined IPv6 via macvtap not working

I've found that if I remove the static token and use the generated IPv6 address, it passes traffic normally, it's just when using a defined token that this happens.