Well, I’ve had my share of troubles with Hetzner, Debian, KVM and IPv6 addresses. After figuring out how to get around the IPv6 neighbor stuff (npd6 for teh win!), I battled with the problem that after restarting (rebooting/resetting – doesn’t really matter) a domain its IPv6 address would no longer work.
Well, today I decided to take a closer look. After the reboot, the guest comes up with this:
```
pinguinfuss:(thanatos.heimdaheim.de/webs) PWD:~
Mon Sep 09, 19:01:27 [0] > ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:96:ed:35 brd ff:ff:ff:ff:ff:ff
    inet 78.46.37.114 peer 78.46.37.118/32 brd 78.46.37.114 scope global eth0
    inet6 2a01:4f8:110:3148::5/64 scope global tentative dadfailed
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe96:ed35/64 scope link
       valid_lft forever preferred_lft forever
```
A quick peek into ip -6 neigh show reveals this:
```
pinguinfuss:(kvm.heimdaheim.de/KVM) PWD:~
Mon Sep 09, 19:02:27 [0] > sudo ip -6 neigh show
2a01:4f8:110:3148::5 dev eth0 FAILED
```
At this point I had no idea where to look (I haven’t used IPv6 much), so thanks to a friend I ended up googling whatever dadfailed meant … as it turns out dadfailed indicates that a duplicate address had been detected. A short peek into kern.log/dmesg fuelled that idea:
```
pinguinfuss:(thanatos.heimdaheim.de/webs) PWD:/var/log
Mon Sep 09, 19:33:46 [0] > sudo grep eth kern.log
Sep 9 19:03:25 thanatos kernel: [ 9.150549] eth0: IPv6 duplicate address 2a01:4f8:110:3148::5 detected!
```
So, I went on googling IPv6, KVM and duplicate address, and guess what .. I don’t seem to be the only one that has this issue … I haven’t found the root cause of this, but I have a quick fix … I usually don’t assign duplicate IPv6 addresses to multiple domains (each domain has its own block of IPv6 addresses), so I ended up writing a short Puppet class that’ll disable the Duplicate Address Detection for all my KVM guests!
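```puppet
# Class names may not contain hyphens in current Puppet, hence underscores.
class kvm_ipv6_domain {
  # Disable IPv6 Duplicate Address Detection on eth0 of the guest.
  file { 'kvm-ipv6.conf':
    ensure  => 'present',
    path    => '/etc/sysctl.d/kvm-ipv6.conf',
    mode    => '0644',
    content => "net.ipv6.conf.eth0.accept_dad=0\n",
  }
}
```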
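To spot the dadfailed symptom on a guest without reading ip a by eye, the following added example (not part of the original post) parses that output and reports every IPv6 address whose Duplicate Address Detection failed. The function names find_dadfailed, dad_ok and sample_ip_output are made up for this sketch; the sample input is the guest output shown above.

```sh
#!/bin/sh
# Added example (not from the original post): list IPv6 addresses whose
# Duplicate Address Detection failed, parsed from `ip a` style output.

# Prints "<interface> <address/prefix>" for each inet6 line flagged dadfailed.
find_dadfailed() {
    awk '
        # Interface header, e.g. "2: eth0: <BROADCAST,...> mtu 1500 ..."
        /^[0-9]+: / { iface = $2; sub(/[@:].*/, "", iface); next }
        # Address line: field 2 is the address, the flags follow the scope.
        $1 == "inet6" {
            for (i = 3; i <= NF; i++)
                if ($i == "dadfailed") { print iface, $2; break }
        }
    '
}

# Succeeds only if no address on stdin is in dadfailed state, so it can be
# used as the exit status of a monitoring check.
dad_ok() {
    [ -z "$(find_dadfailed)" ]
}

# Sample input: the guest's `ip a` output as shown in the post.
sample_ip_output() {
    cat <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:96:ed:35 brd ff:ff:ff:ff:ff:ff
    inet 78.46.37.114 peer 78.46.37.118/32 brd 78.46.37.114 scope global eth0
    inet6 2a01:4f8:110:3148::5/64 scope global tentative dadfailed
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe96:ed35/64 scope link
       valid_lft forever preferred_lft forever
EOF
}

sample_ip_output | find_dadfailed   # prints: eth0 2a01:4f8:110:3148::5/64
# On a live guest: ip -6 addr show | find_dadfailed
```

With accept_dad=0 the kernel no longer runs the check at all, so a genuinely duplicated address would not show up here; the script is useful on guests where DAD is still enabled.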