Bug 47

Summary: Support multiple addresses per address family
Product: passt Reporter: Stefano Brivio <sbrivio>
Component: generalAssignee: nobody
Status: CONFIRMED ---    
Severity: feature CC: jorti
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   

Description Stefano Brivio 2023-03-24 17:08:20 UTC 
Originally reported by lemmi@nerd2nerd.org as Markdown, see also https://pad.passt.top/p/MultipleAddresses

> Support multiple address per address family
This is probably most useful for IPv6, but there might be use-cases for
IPv4 as well.

> IPv6 use-case
It is very common to see at least 3 IPv6 addresses on an interface.

1.  link-local
    fe80::/64
2.  unique local address (ULA) (RFC4193)
    fc00::/7
3.  global unicast address (GUA)
    2000::/3

Some local infrastructure might only be accessible via one type of
address. A local resolver might only listen to requests from an ULA
while still needing access to the global internet via the GUA.

> Maximum number of addresses allowed
Linux has a limit on how many addresses are allowed on an interface. It
can be queried and set through sysctl:

    sysctl net.ipv6.conf.all.max_addresses

Common default values vary from 16 to 32 for the number of allowed
addresses.

> Restrictions
- Containers (pasta)

Since containers can be configured directly, it should be possible to
allow multiple IPv6 and IPv4 addresses.

- VMs (passt)

VMs on the other hand have more restrictions as the addresses need to be
indirectly configured through SLAAC, DHCPv6 or DHCP.

-   SLAAC
    -   can provide multiple prefixes of varying length
    -   might not be feasible to force multiple specific addresses
        within a single prefix
-   DHCPv6
    -   has support to configure multiple addresses
    -   client support might be lacking
-   DHCP
    -   impossible