openshift-docs/modules/microshift-nw-ipv6-dual-stack-config.adoc

// Module included in the following assemblies:
//
// * microshift_configuring/microshift-nw-ipv6-config.adoc

:_mod-docs-content-type: PROCEDURE
[id="microshift-configuring-ipv6-dual-stack-config_{context}"]
= Configuring IPv6 dual-stack networking before {microshift-short} starts

You can configure your {microshift-short} node to run on dual-stack networking that supports IPv4 and IPv6 address families by using the configuration file before starting the service.

* The first IP family in the configuration is the primary IP stack in the node.
* After the node is running with dual-stack networking, enable application pods and add-on services for dual-stack by restarting them.

[IMPORTANT]
====
The OVN-Kubernetes network plugin requires that both IPv4 and IPv6 default routes be on the same network device. IPv4 and IPv6 default routes on separate network devices is not supported.
====

[IMPORTANT]
====
When using dual-stack networking where IPv6 is required, you cannot use IPv4-mapped IPv6 addresses, such as `::FFFF:198.51.100.1`.
====

.Prerequisites

* You installed the {oc-first}.
* You have root access to the node.
* Your node uses the OVN-Kubernetes network plugin.
* The host has both IPv4 and IPv6 addresses and routes, including a default for each.
* The host has at least two L3 networks, IPv4 and IPv6.

.Procedure

. If you have not done so, make a copy of the provided `config.yaml.default` file in the `/etc/microshift/` directory, renaming it `config.yaml`.

. Keep the new {microshift-short} `config.yaml` in the `/etc/microshift/` directory. Your `config.yaml` file is read every time the {microshift-short} service starts.
+
[NOTE]
====
After you create it, the `config.yaml` file takes precedence over built-in settings.
====

. If you have not started {microshift-short}, replace the default values in the `network` section of the {microshift-short} YAML with your valid values.
+
.Example dual-stack IPv6 networking configuration with network assignments
[source,yaml]
----
apiServer:
# ...
apiServer:
  subjectAltNames:
  - 192.168.113.117
  - 2001:db9:ca7:ff::1db8
network:
  clusterNetwork:
  - 10.42.0.0/16
  - fd01::/48 <1>
  serviceNetwork:
  - 10.43.0.0/16
  - fd02::/112 <2>
node:
  nodeIP: 192.168.113.117 <3>
  nodeIPv6: 2001:db9:ca7:ff::1db8 <4>
# ...
----
<1> Specify an IPv6 `clusterNetwork` with a CIDR value that is less than `64`.
<2> Specify an IPv6 CIDR with a prefix of `112`. Kubernetes uses only the lowest 16 bits. For a prefix of `112`, IP addresses are assigned from `112` to `128` bits.
<3> Example node IP address. Must be an IPv4 address family.
<4> Example node IP address for dual-stack configuration. Must be an IPv6 address family. Configurable only with dual-stack networking.

. Complete any other {microshift-short} configurations you require, then start {microshift-short} by running the following command:
+
[source,terminal]
----
$ sudo systemctl start microshift
----

. Reset the IP family policy for application pods and services as needed, then restart those application pods and services to enable dual-stack networking. See "Resetting the IP family policy for application pods and services" for a simple example.

.Verification

. You can verify that all of the system services and pods to have two IP addresses, one for each family, by using the following steps:

.. Retrieve the networks defined in the node resource by running the following command:
+
[source,terminal]
----
$ oc get pod -n openshift-ingress router-default-5b75594b4-w7w6s -o jsonpath='{.status.podIPs}'
----
+
.Example output
[source,text]
----
[{"ip":"10.42.0.4"},{"ip":"fd01:0:0:1::4"}]
----

.. Retrieve the networks defined by the host network pods by running the following command:
+
[source,terminal]
----
$ oc get pod -n openshift-ovn-kubernetes ovnkube-master-2fm2k -o jsonpath='{.status.podIPs}'
----
+
.Example output
[source,terminal]
----
[{"ip":"192.168.113.117"},{"ip":"2001:db9:ca7:ff::1db8"}]
----