[ovs-discuss] GRE with link-local remote_ip: "not a valid IPv6 address"
Hi all, I'm trying to create a GRE tunnel with an IPv6 link-local address as the remote_ip. According to the changelog, this should be supported since v2.8.0. However... root@vpntest4:~# ovs-vsctl add-br ovsbr0 root@vpntest4:~# ovs-vsctl add-port ovsbr0 ovsbr0-gre -- set interface ovsbr0-gre type=ip6gre options:remote_ip='fe80::1%ens9' ovs-vsctl: Error detected while setting up 'ovsbr0-gre': ovsbr0-gre: bad ip6gre 'remote_ip' ovsbr0-gre: ip6gre type requires valid 'remote_ip' argument. See ovs-vswitchd log for details. ovs-vsctl: The default log directory is "/var/log/openvswitch". root@vpntest4:~# tail /var/log/openvswitch/ovs-vswitchd.log 2019-08-22T07:22:09.545Z|00050|socket_util|ERR|"fe80::1%ens9" is not a valid IPv6 address 2019-08-22T07:22:09.545Z|00051|netdev_vport|WARN|ovsbr0-gre: bad ip6gre 'remote_ip' ovsbr0-gre: ip6gre type requires valid 'remote_ip' argument 2019-08-22T07:22:09.545Z|00052|netdev|WARN|ovsbr0-gre: could not set configuration (Invalid argument) Regular (non-link-local) IPv6 addresses work fine. Setting up a tunnel with the `ip` command like this also works: # ip link add test-gre type ip6gretap remote fe80::1 dev ens9 Any idea what I'm doing wrong here? Or is this a bug? I'm using Open vSwitch 2.11.0 on Ubuntu 19.04, kernel version 5.0.0. Thanks Sven ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] GRE with link-local remote_ip: "not a valid IPv6 address"
Am 27.08.19 um 17:12 schrieb Gregory Rose: >> 2019-08-22T07:22:09.545Z|00050|socket_util|ERR|"fe80::1%ens9" is not a valid >> IPv6 address > > Remove the '%ens9' from your IPv6 address, that's not valid. > Then how do i specify the scope (i.e. interface) of a link-local address? The `ip` command has the `dev` option for this, but i couldn't find anything like that in the OVS docs. The changelog [0] says that the %-Notation is supported since v2.8. Regards, Sven [0] https://github.com/openvswitch/ovs/blob/5c7ba90d8189ee7b35a1723d5a76dc205720af50/NEWS#L353 ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] GRE with link-local remote_ip: "not a valid IPv6 address"
Am 28.08.19 um 19:26 schrieb Ben Pfaff: > On Tue, Aug 27, 2019 at 12:09:14PM +0200, Sven Gebauer wrote: >> Hi all, >> >> I'm trying to create a GRE tunnel with an IPv6 link-local address as the >> remote_ip. According to the changelog, this should be supported since >> v2.8.0. However... > > IPv6 link-local addresses are supported for use in contexts where OVS is > creating a socket, most notably for connections to controllers. In > other contexts, there's nowhere for OVS to put the scope, so it can't > support it. In this case, the kernel flow structure doesn't have a > scope in it, so there's nothing that userspace OVS can do about it. If > this feature were to be added, it would require adding the scope > (probably in multiple places) to that kernel flow structure, which would > probably be difficult for reasons of backward compatibility and > coordination with (and justification to) the kernel network stack > developers. > Ah, i see. Thank you! ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] GRE with link-local remote_ip: "not a valid IPv6 address"
Am 27.08.19 um 19:17 schrieb Gregory Rose: > > Maybe someone else can help with that part but I'm curious why you feel > the need to specify the link-local address. > > - Greg > Essentially, I'm trying to do GRE-over-Wireguard and need some kind of addressing within the Wireguard tunnel. These addresses should not collide with anything else in the tunnel endpoint's (unpredictable) network environment. So IPv6 link-local addresses are the perfect candidate here because the scope makes address collisions (across interfaces of the same machine) impossible. Anyway, this isn't supported right now according to Ben Pfaff's response. So I will either have to use ULA addresses (more complex because every tunnel endpoint needs to be configured with the same random ULA prefix) or create the GRE tunnels using `ip` and then add them to my OVS bridge as system interfaces (probably more CPU-overhead compared to OVS-managed GRE tunnels?). ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
