[lxc-devel] [lxd/master] lxd/device/nic/routed: Sets accept_ra=0 on host interface
tomponline on Github
lxc-bot at linuxcontainers.org
Fri Mar 27 19:27:57 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 361 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200327/a8134347/attachment.bin>
-------------- next part --------------
From 2fd6c03da466d10fbf982fac7fdd926be1ea7d81 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Fri, 27 Mar 2020 19:27:17 +0000
Subject: [PATCH] lxd/device/nic/routed: Sets accept_ra=0 on host interface
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/device/nic_routed.go | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/lxd/device/nic_routed.go b/lxd/device/nic_routed.go
index cbd1c73523..ba226eb5d4 100644
--- a/lxd/device/nic_routed.go
+++ b/lxd/device/nic_routed.go
@@ -281,6 +281,12 @@ func (d *nicRouted) postStart() error {
// inside the instance work and ensure that traffic doesn't periodically halt whilst ARP/NDP
// is re-detected.
if v["host_name"] != "" {
+ // Attempt to disable IPv6 router advertisement acceptance.
+ err := util.SysctlSet(fmt.Sprintf("net/ipv6/conf/%s/accept_ra", v["host_name"]), "0")
+ if err != nil {
+ return err
+ }
+
if d.config["ipv4.address"] != "" {
_, err := shared.RunCommand("ip", "-4", "addr", "add", fmt.Sprintf("%s/32", d.ipv4HostAddress()), "dev", v["host_name"])
if err != nil {
More information about the lxc-devel
mailing list