[Xen-devel] [PATCH 5/5] docs: Update the xl network config documentation with IPv6 support

[Sylvain Munaut <s.munaut@xxxxxxxxxxxxxxxxxxxx>]

Signed-off-by: Sylvain Munaut <s.munaut@xxxxxxxxxxxxxxxxxxxx>
---
 docs/misc/xl-network-configuration.markdown |   15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/docs/misc/xl-network-configuration.markdown 
b/docs/misc/xl-network-configuration.markdown
index 3c439d4..bad356d 100644
--- a/docs/misc/xl-network-configuration.markdown
+++ b/docs/misc/xl-network-configuration.markdown
@@ -128,6 +128,21 @@ configured. A typically behaviour (exhibited by the 
example hotplug
 scripts) if set might be to configure firewall rules to allow only the
 specified IP address to be used by the guest (blocking all others).
 
+The linux hotplug script supports both IPv4 and IPv6 in this field. When
+the field is omitted or empty, both will be fully allowed. If only IPv4s
+are listed, then IPv6 will be blocked completely. Symetrically, if only
+IPv6s are listed, then IPv4 will be blocked. If you wish to filter one
+but not the other, you can use the wildcard addresses 0.0.0.0/0 and
+::0/0 for IPv4/6 respectively.
+
+As a special case, you can use 'eui64' token as an IPv6 address and this
+will allow traffic all traffic from the VM where the lower 64 bits are
+matched against the EUI64 generated from the mac address of the VIF. It
+is up to the network administrator to filter the network part of the
+address globally if necessary. This is of course only usable for the
+vif-bridge script as the vif-route will require a fully defined address
+in the 'ip' field.
+
 ### backend
 
 Specifies the backend domain which this device should attach to. This
-- 
1.7.10.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel