$sslcert = PVE::Tools::file_get_contents("/etc/pve/pve-root-ca.pem", 8192)
if !$sslcert;
- my $port = PVE::Tools::next_vnc_port();
-
- my $remip;
+ my ($remip, $family);
my $remcmd = [];
if ($node ne 'localhost' && $node ne PVE::INotify::nodename()) {
- $remip = PVE::Cluster::remote_node_ip($node);
+ ($remip, $family) = PVE::Cluster::remote_node_ip($node);
# NOTE: kvm VNC traffic is already TLS encrypted or is known unsecure
$remcmd = ['/usr/bin/ssh', '-T', '-o', 'BatchMode=yes', $remip];
+ } else {
+ $family = PVE::Tools::get_host_address_family($node);
}
+ my $port = PVE::Tools::next_vnc_port($family);
+
my $timeout = 10;
my $realcmd = sub {
## create tunnel to remote port
$self->log('info', "starting ssh migration tunnel");
- my $lport = ($raddr eq "localhost") ? PVE::Tools::next_migrate_port() : undef;
+ my $pfamily = PVE::Tools::get_host_address_family($nodename);
+ my $lport = ($raddr eq "localhost") ? PVE::Tools::next_migrate_port($pfamily) : undef;
$self->{tunnel} = $self->fork_tunnel($self->{nodeip}, $lport, $rport);
my $start = time();
my $pciaddr = print_pci_addr("spice", $bridges);
- $spice_port = PVE::Tools::next_spice_port();
+ my $nodename = PVE::INotify::nodename();
+ my $pfamily = PVE::Tools::get_host_address_family($nodename);
+ $spice_port = PVE::Tools::next_spice_port($pfamily);
push @$devices, '-spice', "tls-port=${spice_port},addr=127.0.0.1,tls-ciphers=DES-CBC3-SHA,seamless-migration=on";
if ($statefile eq 'tcp') {
my $localip = "localhost";
my $datacenterconf = PVE::Cluster::cfs_read_file('datacenter.cfg');
+ my $nodename = PVE::INotify::nodename();
if ($datacenterconf->{migration_unsecure}) {
- my $nodename = PVE::INotify::nodename();
$localip = PVE::Cluster::remote_node_ip($nodename, 1);
}
- $migrate_port = PVE::Tools::next_migrate_port();
+ my $pfamily = PVE::Tools::get_host_address_family($nodename);
+ $migrate_port = PVE::Tools::next_migrate_port($pfamily);
$migrate_uri = "tcp:${localip}:${migrate_port}";
push @$cmd, '-incoming', $migrate_uri;
push @$cmd, '-S';