Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

IPv6: #259 #253 #276

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

IPv6: #259 #253 #276

wants to merge 1 commit into from

Conversation

pfandl
Copy link

@pfandl pfandl commented Sep 11, 2021

  • implement forwarding
  • implement random CIDR

Signed-off-by: fassl [email protected]

@pfandl
Copy link
Author

pfandl commented Sep 11, 2021

@AkihiroSuda can you enable ipv6 for the Docker containers?

README.md Outdated Show resolved Hide resolved
README.md Show resolved Hide resolved
@@ -41,9 +41,13 @@ int api_bindlisten(const char *api_socket)
struct api_hostfwd {
int id;
int is_udp;
struct in_addr host_addr;
int is_ipv4;
int is_ipv6;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We shouldn’t need is_ipv4.
Checking !is_ipv6 should be enough.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can pass tcp6/4 as proto to explicitly just enable either.
If we pass tcp as proto, ipv6 is enabled and the host address
is either 0.0.0.0 or ::0, both are enabled.

api.c Show resolved Hide resolved
configure.ac Outdated Show resolved Hide resolved
main.c Outdated Show resolved Hide resolved
slirp4netns.1.md Outdated Show resolved Hide resolved
@@ -224,7 +238,7 @@ If `guest_addr` is not specified, then it will be set to the default address tha
```console
(namespace)$ json='{"execute": "list_hostfwd"}'
(namespace)$ echo -n $json | nc -U /tmp/slirp4netns.sock
{"return": {"entries": [{"id": 42, "proto": "tcp", "host_addr": "0.0.0.0", "host_port": 8080, "guest_addr": "10.0.2.100", "guest_port": 80}]}}
{"return": {"entries": [{"id": 42, "proto": "tcp", "host_addr": "0.0.0.0", "host_addr6": "::", "host_port": 8080, "guest_addr": "10.0.2.100", "guest_addr6": "fd00::100", "guest_port": 80}]}}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I’m not sure we should mix up v4 and v6 in a single entry.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What should we return in api_handle_req_add_hostfwd when we add both tcp4 and tcp6? An array of IDs?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Avoid adding tcp4 and tcp6 in a single request/response.

Mixing up them in a single request/response makes it hard to implement RootlessKit integration.
https://github.com/rootless-containers/rootlesskit/blob/c5481c1cfd6f6c42c8ec1868fbc543f2b0a916a5/pkg/api/openapi.yaml#L70-L90

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried to implement it like Go's net listen, which does listen on both 4 and 6 if you set tcp with global ip 0.0.0.0 or :: if I understood it correctly.

If we don't need that I can change it like that?

  • host_addr: 0.0.0.0, proto: tcp -> v4
  • host_addr: 0.0.0.0, proto: tcp6 -> error
  • host_addr: ::, proto: tcp -> v6
  • host_addr: ::, proto: tcp4 -> error

@AkihiroSuda
Copy link
Member

AkihiroSuda commented Sep 12, 2021

Thanks for working on this.

Could you use real name for signing?

can you enable ipv6 for the Docker containers?

Do you mean Docker containers on the CI? I don’t think we have IPv6 there.

@AkihiroSuda
Copy link
Member

Cc @giuseppe @Luap99 @rhatdan

- implement forwarding
- implement random CIDR

Signed-off-by: Jasmin Fazlic <[email protected]>
@pfandl
Copy link
Author

pfandl commented Sep 12, 2021

Do you mean Docker containers on the CI? I don’t think we have IPv6 there.

Yes, ok too bad, I guess we can then test the port forwarding in the vagrant box.
Does it actually work? For me the tests seem to randomly fail, was this working
before?

@AkihiroSuda AkihiroSuda added this to the v1.2.0 milestone Sep 13, 2021
Copy link
Collaborator

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left some comments.

Could you please describe what you are doing in the commit message?

@@ -119,16 +123,59 @@ static int api_handle_req_add_hostfwd(Slirp *slirp, int fd, struct api_ctx *ctx,
free(fwd);
goto finish;
}
#if SLIRP_CONFIG_VERSION_MAX >= 3
int flags = (fwd->is_udp ? SLIRP_HOSTFWD_UDP : 0);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could we also check that SLIRP_HOSTFWD_UDP is defined?

free(fwd);
goto finish;
}
flags |= SLIRP_HOSTFWD_V6ONLY;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SLIRP_HOSTFWD_V6ONLY might not be defined

goto finish;
}
flags |= SLIRP_HOSTFWD_V6ONLY;
if (slirp_add_hostxfwd(slirp, (const struct sockaddr *)&fwd->host6,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need to check for slirp_add_hostxfwd at configure time

wrc = write(fd, api_ok, strlen(api_ok));
if (fwd->is_ipv4) {
#if SLIRP_CONFIG_VERSION_MAX >= 3
if (slirp_remove_hostxfwd(slirp,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same for slirp_remove_hostxfwd

Copy link
Author

@pfandl pfandl Sep 13, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Edit: nevermind

Checking for SLIRP_HOSTFWD_V6ONLY at the moment would imply SLIRP_HOSTFWD_UDP and the xfwd functions. Can we just check for that to enable the IPv6 code path?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sure, that should work as well

@AkihiroSuda
Copy link
Member

What's current status?

@pfandl
Copy link
Author

pfandl commented Nov 8, 2021

What's current status?

Sorry, I'm out.

@sachk
Copy link

sachk commented Nov 25, 2021

I've been running this branch built with libslirp from master for well over a month now and I'm yet to experience any issues.

@lel-amri
Copy link

lel-amri commented Dec 4, 2022

I'm interested in working on this. Can I hijack this PR and @pfandl's work ?

@AkihiroSuda
Copy link
Member

I'm interested in working on this. Can I hijack this PR and @pfandl's work ?

Yes, please

@AkihiroSuda
Copy link
Member

I'm interested in working on this. Can I hijack this PR and @pfandl's work ?

Do you still plan this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants