Replace control cidr for SSVM by IPv6 Link-Local

[wido]

ISSUE TYPE

• Feature Idea

COMPONENT NAME

SSVM
VR

CLOUDSTACK VERSION

main

SUMMARY

We currently use the IPv4 Link-Local CIDR (169.254.0.0/16) for communication from the hypervisor to any System VM running on that hypervisor.

For this the hypervisor configures the cloud0 bridge.

11: cloud0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether fe:00:a9:fe:fe:3b brd ff:ff:ff:ff:ff:ff
    inet 169.254.240.1/16 scope global cloud0
       valid_lft forever preferred_lft forever
    inet6 fe80::1880:57ff:fe0f:f670/64 scope link 
       valid_lft forever preferred_lft forever

Within the System VM you would then see:

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 0e:00:a9:fe:fe:3b brd ff:ff:ff:ff:ff:ff
    altname enp0s4
    altname ens4
    inet 169.254.254.59/20 brd 169.254.255.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::c00:a9ff:fefe:fe3b/64 scope link

This IPv4 CIDR is not specific to the scope of that interface which means it could be routed over the network if not configured properly.

The CloudStack Management server and KVM Agent code now contain logic to generate a unique IPv4 address for each VM to make sure they are unique zone-wide.

We can use the IPv6 Link-Local address to communicate with the System VMs. This would simplify code and remove the need for these 169.X.X addresses. Their generation, selection and configuration.

When the eth1 interface is started within the SSVM it will generate an IPv6 address based on the MAC address

• MAC: 0e:00:a9:fe:fe:3b
• Address: fe80::c00:a9ff:fefe:fe3b

This issue is here for reference just to make sure it's tracked.