[clug] Bridge setup without IP address configuration turn off end station autoconfiguration

George at Clug Clug at goproject.info
Thu Apr 9 13:50:56 UTC 2020


Hi,

 I wanted a KVM host server with an isolated network bridge without IP
address configuration for both IPv4 and IPv6.


I am interested if anyone can explain how to achieve this.   Setting
up IPv4 bridge without IP addresses was not too difficult, however
getting IPv6 not to auto configure IPv6 addresses was challenging.
Sadly I don't understand linux networking enough to truly be confident
that I have been successful or not. 


If you understand the below /etc/network/interfaces lines, please let
me know which lines you believe are correct, which are incorrect and
why.

My understanding is that I need to " turn off end station
autoconfiguration" by setting "autoconf 0", and "accept_ra 0", however
the bridge was still being assigned an IP address.


Two examples that I have tried:
1) 

auto br1
iface br1 inet manual
    bridge_ports eth4
    bridge_stp on   
    bridge_fd 0
    bridge_maxwait 0
    bridge_waitport 0

iface br1 inet6 manual
    autoconf 0
    accept_ra 0
    bridge_ports eth4
    bridge_stp on
    bridge_fd 0
    bridge_maxwait 0
    bridge_waitport 0

===============================================
2)
I found this link, which was for IPv4 but the IPv6 address was still
being assigned assigned, even when I duplicated the details for IPv6.
Adding "autoconf 0", and "accept_ra 0" did not stopan  IPv6 address
being assigned.

https://wiki.debian.org/NetworkConfiguration#Network_Interface_Names
Example: Bridge setup without IP address configuration (use "manual"
instead of "static") to "forward" an interface to a guest VM. (The
static bridge config contains only 1 physical interface. The virtual
interface will be added to the bridge when the VM is started.)

auto br1
iface br1 inet manual
        bridge_ports eth4
        up /usr/sbin/brctl setageing br1 0
        up /usr/sbin/brctl stp br1 off

iface br1 inet6 manual
        bridge_ports eth4
        up /usr/sbin/brctl setageing br1 0
        up /usr/sbin/brctl stp br1 off

===============================================

Below are some links I used for information.

https://www.rmv6tf.org/wp-content/uploads/2013/04/2-End-Station-Addressing.pdf
Stateless Address Autoconfiguration (SLAAC) is the default method IPv6
hosts obtain an IPv6 address. End stations automatically generate the
Interface ID (lower 64 bits) of their address as an EUI-64 address
based on the station MAC address. The Prefix is provided to the end
station via a Router Advertisement (RA).

https://howdoesinternetwork.com/2013/slaac
As a result, an IPv6 host can configure for itself complete or part of
the address settings automatically, which depends on the type and
method it uses for autoconfiguration. The method types include:
    Stateful autoconfiguration
    Stateless autoconfiguration using EUI-64 addressing process
(SLAAC)
Stateful autoconfiguration is a method in which a host or router is
assigned its entire 128-bit IPv6 address with the help of
DHCP.Stateless autoconfiguration or SLAAC is that second method in
which the host or router interface is assigned a 64-bit prefix, and
then the last 64 bits of its address are derived by the host or router
with help of EUI-64 process.

https://www.cyberciti.biz/faq/ubuntu-ipv6-networking-configuration/


https://hackingandsecurity.blogspot.com/2016/06/ip-address-configuration-in-kali-linux.html?view=classic


https://sumguy.com/proxmox-ip-bridge-for-single-public-ip/


http://rockhoppervpn.sourceforge.net/ref_bridge_v6_2.html


https://wiki.debian.org/NetworkConfiguration#Network_Interface_Names


https://www.ionos.com/help/server-cloud-infrastructure/ip-addresses/adding-a-public-ipv6-address-to-a-server/adding-a-public-ipv6-address-to-a-linux-server-ubuntu/
              accept_ra int
                     Accept router advertisements
(0=off, 1=on)
              autoconf int
                     Perform stateless
autoconfiguration (0=off, 1=on). Default value: "0"


More information about the linux mailing list