Frustrating Tech – IPV6 Inbound KVM Issues
IPv6 inbound KVM issues caused some head scratching but ultimately lead to a solution, networking is tricky and often frustrating, but a little perseverance / angry googling can pay dividends.
Having some time ago built a general purpose server (from my old gaming pc and now running Ubuntu 16.04) that provides services to our home network (Plex server, download management, tv scheduling etc) I wished to expanded it to provide virtual machine hosting via KVM. The VMs were to initially provide UNMS for my Ubiquity gear and a homebridge server, for my Apple HomeKit automation.
As part of this expansion I wanted to provide physical interfaces for the small amount of VMs that would be spun up, so the logical choice was to install a multi-port network card. A quick trawl of eBay and I picked up a Intel PRO 1000 PT Quad Port PCIe card.
It installed fine and worked perfectly with the KVM setup (all managed and controlled by a Wok plugin called Kimchi), however when I configured IPv6 on the VMs I was getting very odd behaviour. IPv4 worked perfectly in and out and IPv6 worked perfectly out from the VM, however inbound IPv6 was very flakey or non existent, cue lots of head banging, configuration changes and firewall tinkering.
This went on for some time until I stumbled on a Redhat mailing list with someone having very similar behaviour to what I was experiencing, they had managed to manually resolve the issue by starting a tcpdump on the guest VM which then kicked the interfaced into receiving inbound IPv6 packets.
Very strange indeed, but thankfully a follow-up post detailing how to put the interfaces into promiscuous mode pushed me in the right direction and solved the issue. After any reboot or network interface initialisation, once the VMs have been started I have found putting the mactapv interfaces for the respective VMs into promiscuous mode resolves the issue.
Interface promiscuous mode can be set using the following command.
ip l set $dev promisc on
Where $dev is the name of the interface, in my case macvtap0 and macvtap1.
Hopefully this should prompt me to automate this on the VM startup and if anyone else if having similar issues offer a solution.