diff --git a/INSTALL.md b/INSTALL.md
index 61ebadfdc3d..00c724b11b4 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -52,8 +52,9 @@ server are available and not blocked by any local firewall. Following ports are
 used by Apache CloudStack and its entities:
 
     8787: Apache CloudStack (Tomcat) debug socket
-    9090, 8250: Apache CloudStack Management Server, User/Client API
+    9090, 8250, 8080: Apache CloudStack Management Server, User/Client API
     8096: User/Client to CloudStack Management Server (unauthenticated)
+    7080: AWS API Server
     3306: MySQL Server
     3922, 8250, 80/443, 111/2049, 53: Secondary Storage VM
     3922, 8250, 53: Console Proxy VM
diff --git a/api/src/com/cloud/agent/api/routing/DhcpEntryCommand.java b/api/src/com/cloud/agent/api/routing/DhcpEntryCommand.java
index 5c2cd582d4c..f0ce70e9a80 100644
--- a/api/src/com/cloud/agent/api/routing/DhcpEntryCommand.java
+++ b/api/src/com/cloud/agent/api/routing/DhcpEntryCommand.java
@@ -28,7 +28,9 @@ public class DhcpEntryCommand extends NetworkElementCommand {
     String defaultRouter;
     String staticRoutes;
     String defaultDns;
-
+    String vmIp6Address;
+    String ip6Gateway;
+    String duid;
 
     protected DhcpEntryCommand() {
 
@@ -39,14 +41,15 @@ public class DhcpEntryCommand extends NetworkElementCommand {
         return true;
     }
 
-    public DhcpEntryCommand(String vmMac, String vmIpAddress, String vmName) {
+    public DhcpEntryCommand(String vmMac, String vmIpAddress, String vmName, String vmIp6Address) {
         this.vmMac = vmMac;
         this.vmIpAddress = vmIpAddress;
         this.vmName = vmName;
+        this.vmIp6Address = vmIp6Address;
     }
 
-    public DhcpEntryCommand(String vmMac, String vmIpAddress, String vmName, String dns, String gateway) {
-        this(vmMac, vmIpAddress, vmName);
+    public DhcpEntryCommand(String vmMac, String vmIpAddress, String vmName, String vmIp6Address, String dns, String gateway, String ip6Gateway) {
+        this(vmMac, vmIpAddress, vmName, vmIp6Address);
         this.dns = dns;
         this.gateway = gateway;
     }
@@ -102,4 +105,28 @@ public class DhcpEntryCommand extends NetworkElementCommand {
 	public void setDefaultDns(String defaultDns) {
 		this.defaultDns = defaultDns;
 	}
+
+	public String getIp6Gateway() {
+		return ip6Gateway;
+	}
+
+	public void setIp6Gateway(String ip6Gateway) {
+		this.ip6Gateway = ip6Gateway;
+	}
+
+	public String getDuid() {
+		return duid;
+	}
+
+	public void setDuid(String duid) {
+		this.duid = duid;
+	}
+
+	public String getVmIp6Address() {
+		return vmIp6Address;
+	}
+
+	public void setVmIp6Address(String ip6Address) {
+		this.vmIp6Address = ip6Address;
+	}
 }
diff --git a/api/src/com/cloud/dc/Vlan.java b/api/src/com/cloud/dc/Vlan.java
index 0f629ef3cbf..790195f9f3c 100644
--- a/api/src/com/cloud/dc/Vlan.java
+++ b/api/src/com/cloud/dc/Vlan.java
@@ -44,4 +44,9 @@ public interface Vlan extends InfrastructureEntity, InternalIdentity, Identity {
 
     public Long getPhysicalNetworkId();
 
+	public String getIp6Gateway();
+
+	public String getIp6Cidr();
+
+	public String getIp6Range();
 }
diff --git a/api/src/com/cloud/network/Network.java b/api/src/com/cloud/network/Network.java
index df7a3da3bef..27977f94f7b 100644
--- a/api/src/com/cloud/network/Network.java
+++ b/api/src/com/cloud/network/Network.java
@@ -256,6 +256,32 @@ public interface Network extends ControlledEntity, InternalIdentity, Identity {
         }
     }
 
+    public class IpAddresses {
+    	private String ip4Address;
+    	private String ip6Address;
+    	
+    	public IpAddresses(String ip4Address, String ip6Address) {
+    		this.setIp4Address(ip4Address);
+    		this.setIp6Address(ip6Address);
+    	}
+
+		public String getIp4Address() {
+			return ip4Address;
+		}
+
+		public void setIp4Address(String ip4Address) {
+			this.ip4Address = ip4Address;
+		}
+
+		public String getIp6Address() {
+			return ip6Address;
+		}
+
+		public void setIp6Address(String ip6Address) {
+			this.ip6Address = ip6Address;
+		}
+    }
+    
     String getName();
 
     Mode getMode();
@@ -268,6 +294,10 @@ public interface Network extends ControlledEntity, InternalIdentity, Identity {
 
     String getCidr();
 
+    String getIp6Gateway();
+    
+    String getIp6Cidr();
+    
     long getDataCenterId();
 
     long getNetworkOfferingId();
diff --git a/api/src/com/cloud/network/NetworkModel.java b/api/src/com/cloud/network/NetworkModel.java
index 9baa0ec435c..7e17405f434 100644
--- a/api/src/com/cloud/network/NetworkModel.java
+++ b/api/src/com/cloud/network/NetworkModel.java
@@ -249,4 +249,5 @@ public interface NetworkModel {
     
     boolean isNetworkInlineMode(Network network);
 
+	Vlan getVlanForNetwork(long networkId);
 }
\ No newline at end of file
diff --git a/api/src/com/cloud/network/NetworkProfile.java b/api/src/com/cloud/network/NetworkProfile.java
index 067ba15954b..37d46ac8395 100644
--- a/api/src/com/cloud/network/NetworkProfile.java
+++ b/api/src/com/cloud/network/NetworkProfile.java
@@ -38,6 +38,8 @@ public class NetworkProfile implements Network {
     private TrafficType trafficType;
     private String gateway;
     private String cidr;
+    private String ip6Gateway;
+    private String ip6Cidr;
     private long networkOfferingId;
     private long related;
     private String displayText;
@@ -63,6 +65,8 @@ public class NetworkProfile implements Network {
         this.trafficType = network.getTrafficType();
         this.gateway = network.getGateway();
         this.cidr = network.getCidr();
+        this.ip6Gateway = network.getIp6Gateway();
+        this.ip6Cidr = network.getIp6Cidr();
         this.networkOfferingId = network.getNetworkOfferingId();
         this.related = network.getRelated();
         this.displayText = network.getDisplayText();
@@ -229,4 +233,14 @@ public class NetworkProfile implements Network {
     public void setTrafficType(TrafficType type) {
         this.trafficType = type;
     }
+
+	@Override
+	public String getIp6Gateway() {
+		return ip6Gateway;
+	}
+
+	@Override
+	public String getIp6Cidr() {
+		return ip6Cidr;
+	}
 }
diff --git a/api/src/com/cloud/network/Networks.java b/api/src/com/cloud/network/Networks.java
index b15661910b4..e3d21584ad8 100755
--- a/api/src/com/cloud/network/Networks.java
+++ b/api/src/com/cloud/network/Networks.java
@@ -48,7 +48,7 @@ public class Networks {
     public enum AddressFormat {
         Ip4,
         Ip6,
-        Mixed
+        DualStack
     }
 
     /**
diff --git a/api/src/com/cloud/vm/Nic.java b/api/src/com/cloud/vm/Nic.java
index 51f25f59b75..9d21130327a 100644
--- a/api/src/com/cloud/vm/Nic.java
+++ b/api/src/com/cloud/vm/Nic.java
@@ -145,4 +145,10 @@ public interface Nic extends Identity, InternalIdentity {
     VirtualMachine.Type getVmType();
 
     AddressFormat getAddressFormat();
+
+	String getIp6Gateway();
+
+	String getIp6Cidr();
+
+	String getIp6Address();
 }
diff --git a/api/src/com/cloud/vm/NicProfile.java b/api/src/com/cloud/vm/NicProfile.java
index bf11786d58d..e9e091cc2d7 100644
--- a/api/src/com/cloud/vm/NicProfile.java
+++ b/api/src/com/cloud/vm/NicProfile.java
@@ -38,6 +38,8 @@ public class NicProfile implements InternalIdentity {
     TrafficType trafficType;
     String ip4Address;
     String ip6Address;
+    String ip6Gateway;
+    String ip6Cidr;
     String macAddress;
     URI isolationUri;
     String netmask;
@@ -51,7 +53,8 @@ public class NicProfile implements InternalIdentity {
     Integer networkRate;
     boolean isSecurityGroupEnabled;
     String name;
-    String requestedIp;
+    String requestedIpv4;
+    String requestedIpv6;
 
     public String getDns1() {
         return dns1;
@@ -219,7 +222,7 @@ public class NicProfile implements InternalIdentity {
         this.trafficType = network.getTrafficType();
         this.ip4Address = nic.getIp4Address();
         this.format = nic.getAddressFormat();
-        this.ip6Address = null;
+        this.ip6Address = nic.getIp6Address();
         this.macAddress = nic.getMacAddress();
         this.reservationId = nic.getReservationId();
         this.strategy = nic.getReservationStrategy();
@@ -231,6 +234,8 @@ public class NicProfile implements InternalIdentity {
         this.isSecurityGroupEnabled = isSecurityGroupEnabled;
         this.vmId = nic.getInstanceId();
         this.name = name;
+        this.ip6Cidr = nic.getIp6Cidr();
+        this.ip6Gateway = nic.getIp6Gateway();
 
         if (networkRate != null) {
             this.networkRate = networkRate;
@@ -246,8 +251,9 @@ public class NicProfile implements InternalIdentity {
         this.strategy = strategy;
     }
 
-    public NicProfile(String requestedIp) {
-        this.requestedIp = requestedIp;
+    public NicProfile(String requestedIpv4, String requestedIpv6) {
+        this.requestedIpv4 = requestedIpv4;
+        this.requestedIpv6 = requestedIpv6;
     }
 
     public NicProfile() {
@@ -273,8 +279,8 @@ public class NicProfile implements InternalIdentity {
         this.isSecurityGroupEnabled = enabled;
     }
 
-    public String getRequestedIp() {
-        return requestedIp;
+    public String getRequestedIpv4() {
+        return requestedIpv4;
     }
 
     public void deallocate() {
@@ -302,4 +308,28 @@ public class NicProfile implements InternalIdentity {
                 append(reservationId).append("-").append(ip4Address).append("-").append(broadcastUri).toString();
     }
 
+	public String getIp6Gateway() {
+		return ip6Gateway;
+	}
+
+	public void setIp6Gateway(String ip6Gateway) {
+		this.ip6Gateway = ip6Gateway;
+	}
+
+	public String getIp6Cidr() {
+		return ip6Cidr;
+	}
+
+	public void setIp6Cidr(String ip6Cidr) {
+		this.ip6Cidr = ip6Cidr;
+	}
+
+	public String getRequestedIpv6() {
+		return requestedIpv6;
+	}
+
+	public void setRequestedIpv6(String requestedIpv6) {
+		this.requestedIpv6 = requestedIpv6;
+	}
+
 }
diff --git a/api/src/com/cloud/vm/UserVmService.java b/api/src/com/cloud/vm/UserVmService.java
index fd9b0fc9477..fb574fa5848 100755
--- a/api/src/com/cloud/vm/UserVmService.java
+++ b/api/src/com/cloud/vm/UserVmService.java
@@ -51,6 +51,7 @@ import com.cloud.exception.StorageUnavailableException;
 import com.cloud.exception.VirtualMachineMigrationException;
 import com.cloud.host.Host;
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
+import com.cloud.network.Network.IpAddresses;
 import com.cloud.offering.ServiceOffering;
 import com.cloud.storage.StoragePool;
 import com.cloud.storage.Volume;
@@ -232,7 +233,7 @@ public interface UserVmService {
      * @throws InsufficientResourcesException
      */
     UserVm createBasicSecurityGroupVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> securityGroupIdList, Account owner, String hostName,
-            String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, String> requestedIps, String defaultIp, String keyboard)
+            String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps, IpAddresses defaultIp, String keyboard)
             throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException;
 
     /**
@@ -279,7 +280,7 @@ public interface UserVmService {
      *            - name of the ssh key pair used to login to the virtual machine
      * @param requestedIps
      *            TODO
-     * @param defaultIp
+     * @param defaultIps
      *            TODO
      * @param accountName
      *            - an optional account for the virtual machine. Must be used with domainId
@@ -297,8 +298,8 @@ public interface UserVmService {
      * @throws InsufficientResourcesException
      */
     UserVm createAdvancedSecurityGroupVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> networkIdList, List<Long> securityGroupIdList,
-            Account owner, String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, String> requestedIps,
-            String defaultIp, String keyboard)
+            Account owner, String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps,
+            IpAddresses defaultIps, String keyboard)
             throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException;
 
     /**
@@ -343,8 +344,7 @@ public interface UserVmService {
      *            - name of the ssh key pair used to login to the virtual machine
      * @param requestedIps
      *            TODO
-     * @param defaultIp
-     *            TODO
+     * @param defaultIps TODO
      * @param accountName
      *            - an optional account for the virtual machine. Must be used with domainId
      * @param domainId
@@ -361,7 +361,7 @@ public interface UserVmService {
      * @throws InsufficientResourcesException
      */
     UserVm createAdvancedVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> networkIdList, Account owner, String hostName,
-            String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, String> requestedIps, String defaultIp, String keyboard)
+            String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps, String keyboard)
             throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException;
 
     /**
diff --git a/api/src/org/apache/cloudstack/api/ApiConstants.java b/api/src/org/apache/cloudstack/api/ApiConstants.java
index e714ca42316..083b66f9a44 100755
--- a/api/src/org/apache/cloudstack/api/ApiConstants.java
+++ b/api/src/org/apache/cloudstack/api/ApiConstants.java
@@ -37,6 +37,7 @@ public class ApiConstants {
     public static final String DOMAIN_SUFFIX = "domainsuffix";
     public static final String DNS_SEARCH_ORDER = "dnssearchorder";
     public static final String CIDR = "cidr";
+    public static final String IP6_CIDR = "ip6cidr";
     public static final String CIDR_LIST = "cidrlist";
     public static final String CLEANUP = "cleanup";
     public static final String CLUSTER_ID = "clusterid";
@@ -63,6 +64,7 @@ public class ApiConstants {
     public static final String EMAIL = "email";
     public static final String END_DATE = "enddate";
     public static final String END_IP = "endip";
+    public static final String END_IPV6 = "endipv6";
     public static final String END_PORT = "endport";
     public static final String ENTRY_TIME = "entrytime";
     public static final String FETCH_LATEST = "fetchlatest";
@@ -72,6 +74,7 @@ public class ApiConstants {
     public static final String FORMAT = "format";
     public static final String FOR_VIRTUAL_NETWORK = "forvirtualnetwork";
     public static final String GATEWAY = "gateway";
+    public static final String IP6_GATEWAY = "ip6gateway";
     public static final String GROUP = "group";
     public static final String GROUP_ID = "groupid";
     public static final String GUEST_CIDR_ADDRESS = "guestcidraddress";
@@ -89,6 +92,7 @@ public class ApiConstants {
     public static final String INTERNAL_DNS2 = "internaldns2";
     public static final String INTERVAL_TYPE = "intervaltype";
     public static final String IP_ADDRESS = "ipaddress";
+    public static final String IP6_ADDRESS = "ip6address";
     public static final String IP_ADDRESS_ID = "ipaddressid";
     public static final String IS_ASYNC = "isasync";
     public static final String IP_AVAILABLE = "ipavailable";
@@ -180,6 +184,7 @@ public class ApiConstants {
     public static final String SOURCE_ZONE_ID = "sourcezoneid";
     public static final String START_DATE = "startdate";
     public static final String START_IP = "startip";
+    public static final String START_IPV6 = "startipv6";
     public static final String START_PORT = "startport";
     public static final String STATE = "state";
     public static final String STATUS = "status";
diff --git a/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java b/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java
index 678b0e83857..5ec7cefb052 100644
--- a/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java
@@ -113,6 +113,18 @@ public class CreateNetworkCmd extends BaseCmd {
             description="the VPC network belongs to")
     private Long vpcId;
 
+    @Parameter(name=ApiConstants.START_IPV6, type=CommandType.STRING, description="the beginning IPv6 address in the IPv6 network range")
+    private String startIpv6;
+
+    @Parameter(name=ApiConstants.END_IPV6, type=CommandType.STRING, description="the ending IPv6 address in the IPv6 network range")
+    private String endIpv6;
+
+    @Parameter(name=ApiConstants.IP6_GATEWAY, type=CommandType.STRING, description="the gateway of the IPv6 network. Required " +
+            "for Shared networks and Isolated networks when it belongs to VPC")
+    private String ip6Gateway;
+    
+    @Parameter(name=ApiConstants.IP6_CIDR, type=CommandType.STRING, description="the CIDR of IPv6 network, must be at least /64")
+    private String ip6Cidr;
 
     /////////////////////////////////////////////////////
     /////////////////// Accessors ///////////////////////
@@ -207,6 +219,34 @@ public class CreateNetworkCmd extends BaseCmd {
         }
     }
 
+    public String getStartIpv6() {
+    	if (startIpv6 == null) {
+    		return null;
+    	}
+        return startIpv6.toLowerCase();
+    }
+
+    public String getEndIpv6() {
+    	if (endIpv6 == null) {
+    		return null;
+    	}
+        return endIpv6.toLowerCase();
+    }
+
+    public String getIp6Gateway() {
+    	if (ip6Gateway == null) {
+    		return null;
+    	}
+        return ip6Gateway.toLowerCase();
+    }
+
+    public String getIp6Cidr() {
+    	if (ip6Cidr == null) {
+    		return null;
+    	}
+        return ip6Cidr.toLowerCase();
+    }
+
     /////////////////////////////////////////////////////
     /////////////// API Implementation///////////////////
     /////////////////////////////////////////////////////
@@ -228,6 +268,10 @@ public class CreateNetworkCmd extends BaseCmd {
     @Override
     // an exception thrown by createNetwork() will be caught by the dispatcher.
     public void execute() throws InsufficientCapacityException, ConcurrentOperationException, ResourceAllocationException{
+        if (getStartIpv6() != null && getStartIp() != null) {
+        	throw new InvalidParameterValueException("Cannot support dualstack at this moment!");
+        }
+        
         Network result = _networkService.createGuestNetwork(this);
         if (result != null) {
             NetworkResponse response = _responseGenerator.createNetworkResponse(result);
diff --git a/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java b/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java
index 567d171593f..70a263d06d2 100644
--- a/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java
@@ -55,6 +55,7 @@ import com.cloud.exception.ResourceUnavailableException;
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.network.IpAddress;
 import com.cloud.network.Network;
+import com.cloud.network.Network.IpAddresses;
 import com.cloud.offering.DiskOffering;
 import com.cloud.offering.ServiceOffering;
 import com.cloud.template.VirtualMachineTemplate;
@@ -152,12 +153,15 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
 
     @Parameter(name = ApiConstants.IP_NETWORK_LIST, type = CommandType.MAP,
             description = "ip to network mapping. Can't be specified with networkIds parameter." +
-                    " Example: iptonetworklist[0].ip=10.10.10.11&iptonetworklist[0].networkid=uuid - requests to use ip 10.10.10.11 in network id=uuid")
+                    " Example: iptonetworklist[0].ip=10.10.10.11&iptonetworklist[0].ipv6=fc00:1234:5678::abcd&iptonetworklist[0].networkid=uuid - requests to use ip 10.10.10.11 in network id=uuid")
     private Map ipToNetworkList;
 
     @Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, description="the ip address for default vm's network")
     private String ipAddress;
 
+    @Parameter(name=ApiConstants.IP6_ADDRESS, type=CommandType.STRING, description="the ipv6 address for default vm's network")
+    private String ip6Address;
+
     @Parameter(name=ApiConstants.KEYBOARD, type=CommandType.STRING, description="an optional keyboard device type for the virtual machine. valid value can be one of de,de-ch,es,fi,fr,fr-be,fr-ch,is,it,jp,nl-be,no,pt,uk,us")
     private String keyboard;
 
@@ -248,7 +252,7 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
 
     public List<Long> getNetworkIds() {
        if (ipToNetworkList != null) {
-           if (networkIds != null || ipAddress != null) {
+           if (networkIds != null || ipAddress != null || getIp6Address() != null) {
                throw new InvalidParameterValueException("ipToNetworkMap can't be specified along with networkIds or ipAddress");
            } else {
                List<Long> networks = new ArrayList<Long>();
@@ -275,13 +279,13 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
         return startVm == null ? true : startVm;
     }
 
-    private Map<Long, String> getIpToNetworkMap() {
-        if ((networkIds != null || ipAddress != null) && ipToNetworkList != null) {
+    private Map<Long, IpAddresses> getIpToNetworkMap() {
+        if ((networkIds != null || ipAddress != null || getIp6Address() != null) && ipToNetworkList != null) {
             throw new InvalidParameterValueException("NetworkIds and ipAddress can't be specified along with ipToNetworkMap parameter");
         }
-        LinkedHashMap<Long, String> ipToNetworkMap = null;
+        LinkedHashMap<Long, IpAddresses> ipToNetworkMap = null;
         if (ipToNetworkList != null && !ipToNetworkList.isEmpty()) {
-            ipToNetworkMap = new LinkedHashMap<Long, String>();
+            ipToNetworkMap = new LinkedHashMap<Long, IpAddresses>();
             Collection ipsCollection = ipToNetworkList.values();
             Iterator iter = ipsCollection.iterator();
             while (iter.hasNext()) {
@@ -298,13 +302,28 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
                     }
                 }
                 String requestedIp = (String) ips.get("ip");
-                ipToNetworkMap.put(networkId, requestedIp);
+                String requestedIpv6 = (String) ips.get("ipv6");
+                if (requestedIpv6 != null) {
+                	requestedIpv6 = requestedIpv6.toLowerCase();
+                }
+                if (requestedIpv6 != null) {
+                	throw new InvalidParameterValueException("Cannot support specified IPv6 address!");
+                }
+                IpAddresses addrs = new IpAddresses(requestedIp, requestedIpv6);
+                ipToNetworkMap.put(networkId, addrs);
             }
         }
 
         return ipToNetworkMap;
     }
 
+	public String getIp6Address() {
+		if (ip6Address == null) {
+			return null;
+		}
+		return ip6Address.toLowerCase();
+	}
+
     /////////////////////////////////////////////////////
     /////////////// API Implementation///////////////////
     /////////////////////////////////////////////////////
@@ -388,6 +407,10 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
     @Override
     public void create() throws ResourceAllocationException{
         try {
+        	if (getIp6Address() != null) {
+        		throw new InvalidParameterValueException("Cannot support specified IPv6 address!");
+        	}
+        	
             //Verify that all objects exist before passing them to the service
             Account owner = _accountService.getActiveAccountById(getEntityOwnerId());
 
@@ -425,23 +448,24 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
             }
 
             UserVm vm = null;
+        	IpAddresses addrs = new IpAddresses(ipAddress, getIp6Address());
             if (zone.getNetworkType() == NetworkType.Basic) {
                 if (getNetworkIds() != null) {
                     throw new InvalidParameterValueException("Can't specify network Ids in Basic zone");
                 } else {
                     vm = _userVmService.createBasicSecurityGroupVirtualMachine(zone, serviceOffering, template, getSecurityGroupIdList(), owner, name,
-                            displayName, diskOfferingId, size, group, getHypervisor(), userData, sshKeyPairName, getIpToNetworkMap(), ipAddress, keyboard);
+                                displayName, diskOfferingId, size, group, getHypervisor(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, keyboard);
                 }
             } else {
                 if (zone.isSecurityGroupEnabled())  {
                     vm = _userVmService.createAdvancedSecurityGroupVirtualMachine(zone, serviceOffering, template, getNetworkIds(), getSecurityGroupIdList(),
-                            owner, name, displayName, diskOfferingId, size, group, getHypervisor(), userData, sshKeyPairName, getIpToNetworkMap(), ipAddress, keyboard);
+                                owner, name, displayName, diskOfferingId, size, group, getHypervisor(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, keyboard);
                 } else {
                     if (getSecurityGroupIdList() != null && !getSecurityGroupIdList().isEmpty()) {
                         throw new InvalidParameterValueException("Can't create vm with security groups; security group feature is not enabled per zone");
                     }
                     vm = _userVmService.createAdvancedVirtualMachine(zone, serviceOffering, template, getNetworkIds(), owner, name, displayName,
-                            diskOfferingId, size, group, getHypervisor(), userData, sshKeyPairName, getIpToNetworkMap(), ipAddress, keyboard);
+                                diskOfferingId, size, group, getHypervisor(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, keyboard);
                 }
             }
 
@@ -463,4 +487,5 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
             throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, ex.getMessage());
         }
     }
+
 }
diff --git a/api/src/org/apache/cloudstack/api/response/NetworkResponse.java b/api/src/org/apache/cloudstack/api/response/NetworkResponse.java
index 4c29f98bc94..2754182de82 100644
--- a/api/src/org/apache/cloudstack/api/response/NetworkResponse.java
+++ b/api/src/org/apache/cloudstack/api/response/NetworkResponse.java
@@ -145,6 +145,12 @@ public class NetworkResponse extends BaseResponse implements ControlledEntityRes
     @SerializedName(ApiConstants.TAGS)  @Param(description="the list of resource tags associated with network", responseObject = ResourceTagResponse.class)
     private List<ResourceTagResponse> tags;
 
+    @SerializedName(ApiConstants.IP6_GATEWAY) @Param(description="the gateway of IPv6 network")
+    private String ip6Gateway;
+    
+    @SerializedName(ApiConstants.IP6_CIDR) @Param(description="the cidr of IPv6 network")
+    private String ip6Cidr;
+    
     public void setId(String id) {
         this.id = id;
     }
@@ -299,4 +305,12 @@ public class NetworkResponse extends BaseResponse implements ControlledEntityRes
     public void setTags(List<ResourceTagResponse> tags) {
         this.tags = tags;
     }
+
+	public void setIp6Gateway(String ip6Gateway) {
+		this.ip6Gateway = ip6Gateway;
+	}
+
+	public void setIp6Cidr(String ip6Cidr) {
+		this.ip6Cidr = ip6Cidr;
+	}
 }
diff --git a/api/src/org/apache/cloudstack/api/response/NicResponse.java b/api/src/org/apache/cloudstack/api/response/NicResponse.java
index 25131d277bd..a7d1a0d068e 100644
--- a/api/src/org/apache/cloudstack/api/response/NicResponse.java
+++ b/api/src/org/apache/cloudstack/api/response/NicResponse.java
@@ -67,6 +67,15 @@ public class NicResponse extends BaseResponse {
     @SerializedName("macaddress") @Param(description="true if nic is default, false otherwise")
     private String macAddress;
 
+    @SerializedName(ApiConstants.IP6_GATEWAY) @Param(description="the gateway of IPv6 network")
+    private String ip6Gateway;
+    
+    @SerializedName(ApiConstants.IP6_CIDR) @Param(description="the cidr of IPv6 network")
+    private String ip6Cidr;
+    
+    @SerializedName(ApiConstants.IP6_ADDRESS) @Param(description="the IPv6 address of network")
+    private String ip6Address;
+    
     public String getId() {
         return id;
     }
@@ -120,6 +129,18 @@ public class NicResponse extends BaseResponse {
         this.macAddress = macAddress;
     }
 
+	public void setIp6Gateway(String ip6Gateway) {
+		this.ip6Gateway = ip6Gateway;
+	}
+
+	public void setIp6Cidr(String ip6Cidr) {
+		this.ip6Cidr = ip6Cidr;
+	}
+
+	public void setIp6Address(String ip6Address) {
+		this.ip6Address = ip6Address;
+	}
+
     @Override
     public int hashCode() {
         final int prime = 31;
@@ -146,5 +167,4 @@ public class NicResponse extends BaseResponse {
             return false;
         return true;
     }
-
 }
diff --git a/api/src/org/apache/cloudstack/api/response/VlanIpRangeResponse.java b/api/src/org/apache/cloudstack/api/response/VlanIpRangeResponse.java
index 3dc46f96648..6c5c364cd8b 100644
--- a/api/src/org/apache/cloudstack/api/response/VlanIpRangeResponse.java
+++ b/api/src/org/apache/cloudstack/api/response/VlanIpRangeResponse.java
@@ -81,6 +81,19 @@ public class VlanIpRangeResponse extends BaseResponse implements ControlledEntit
     @SerializedName(ApiConstants.PHYSICAL_NETWORK_ID) @Param(description="the physical network this belongs to")
     private String physicalNetworkId;
 
+    @SerializedName(ApiConstants.START_IPV6) @Param(description="the start ipv6 of the VLAN IP range")
+    private String startIpv6;
+
+    @SerializedName(ApiConstants.END_IPV6) @Param(description="the end ipv6 of the VLAN IP range")
+    private String endIpv6;
+    
+    @SerializedName(ApiConstants.IP6_GATEWAY) @Param(description="the gateway of IPv6 network")
+    private String ip6Gateway;
+    
+    @SerializedName(ApiConstants.IP6_CIDR) @Param(description="the cidr of IPv6 network")
+    private String ip6Cidr;
+    
+
     public void setId(String id) {
         this.id = id;
     }
@@ -158,4 +171,24 @@ public class VlanIpRangeResponse extends BaseResponse implements ControlledEntit
     public String getphysicalNetworkId() {
         return physicalNetworkId;
     }
+
+	public String getStartIpv6() {
+		return startIpv6;
+	}
+
+	public void setStartIpv6(String startIpv6) {
+		this.startIpv6 = startIpv6;
+	}
+
+	public void setEndIpv6(String endIpv6) {
+		this.endIpv6 = endIpv6;
+	}
+
+	public void setIp6Gateway(String ip6Gateway) {
+		this.ip6Gateway = ip6Gateway;
+	}
+
+	public void setIp6Cidr(String ip6Cidr) {
+		this.ip6Cidr = ip6Cidr;
+	}
 }
diff --git a/awsapi/src/com/cloud/bridge/model/CloudStackUserVO.java b/awsapi/src/com/cloud/bridge/model/CloudStackUserVO.java
new file mode 100644
index 00000000000..fe1ec946941
--- /dev/null
+++ b/awsapi/src/com/cloud/bridge/model/CloudStackUserVO.java
@@ -0,0 +1,49 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.bridge.model;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Table;
+
+@Entity
+@Table(name="user")
+public class CloudStackUserVO {
+
+    @Column(name="api_key")
+    private String apiKey;
+
+    @Column(name="secret_key")
+    private String secretKey;
+
+    public String getApiKey() {
+        return apiKey;
+    }
+
+    public String getSecretKey() {
+        return secretKey;
+    }
+
+    public void setApiKey(String apiKey) {
+        this.apiKey = apiKey;
+    }
+
+   public void setSecretKey(String secretKey) {
+        this.secretKey = secretKey;
+    }
+
+}
diff --git a/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDao.java b/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDao.java
new file mode 100644
index 00000000000..f5d4aa14f57
--- /dev/null
+++ b/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDao.java
@@ -0,0 +1,26 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.bridge.persist.dao;
+
+import com.cloud.bridge.model.CloudStackUserVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface CloudStackUserDao extends GenericDao<CloudStackUserVO, String> {
+
+    public String getSecretKeyByAccessKey(String acessKey);
+
+}
diff --git a/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java b/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java
new file mode 100644
index 00000000000..061351930da
--- /dev/null
+++ b/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java
@@ -0,0 +1,66 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.bridge.persist.dao;
+
+import javax.ejb.Local;
+
+import org.apache.log4j.Logger;
+import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
+
+import com.cloud.bridge.model.CloudStackUserVO;
+import com.cloud.bridge.util.EncryptionSecretKeyCheckerUtil;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+import com.cloud.utils.db.Transaction;
+
+@Local(value={CloudStackUserDao.class})
+public class CloudStackUserDaoImpl extends GenericDaoBase<CloudStackUserVO, String> implements CloudStackUserDao {
+    public static final Logger logger = Logger.getLogger(CloudStackUserDaoImpl.class);
+
+    public CloudStackUserDaoImpl() {}
+
+    @Override
+    public String getSecretKeyByAccessKey( String accessKey ) {
+        CloudStackUserVO user = null;
+        String cloudSecretKey = null;
+
+        SearchBuilder <CloudStackUserVO> searchByAccessKey = createSearchBuilder();
+        searchByAccessKey.and("apiKey", searchByAccessKey.entity().getApiKey(), SearchCriteria.Op.EQ);
+        searchByAccessKey.done();
+        Transaction txn = Transaction.open(Transaction.CLOUD_DB);
+        try {
+            txn.start();
+            SearchCriteria<CloudStackUserVO> sc = searchByAccessKey.create();
+            sc.setParameters("apiKey", accessKey);
+            user =  findOneBy(sc);
+            if ( user != null && user.getSecretKey() != null) {
+                // if the cloud db is encrypted, decrypt the secret_key returned by cloud db before signature generation
+                if( EncryptionSecretKeyCheckerUtil.useEncryption() ) {
+                    StandardPBEStringEncryptor encryptor = EncryptionSecretKeyCheckerUtil.getEncryptor();
+                    cloudSecretKey = encryptor.decrypt( user.getSecretKey() );
+                } else {
+                    cloudSecretKey = user.getSecretKey();
+                }
+            }
+            return cloudSecretKey;
+        } finally {
+            txn.close();
+        }
+    }
+
+}
diff --git a/awsapi/src/com/cloud/bridge/service/EC2RestServlet.java b/awsapi/src/com/cloud/bridge/service/EC2RestServlet.java
index 15df24e62d2..57a32a48289 100644
--- a/awsapi/src/com/cloud/bridge/service/EC2RestServlet.java
+++ b/awsapi/src/com/cloud/bridge/service/EC2RestServlet.java
@@ -39,7 +39,6 @@ import java.util.List;
 import java.util.Properties;
 import java.util.UUID;
 
-import javax.annotation.PostConstruct;
 import javax.inject.Inject;
 import javax.servlet.ServletConfig;
 import javax.servlet.ServletException;
@@ -98,8 +97,10 @@ import com.amazon.ec2.RunInstancesResponse;
 import com.amazon.ec2.StartInstancesResponse;
 import com.amazon.ec2.StopInstancesResponse;
 import com.amazon.ec2.TerminateInstancesResponse;
+import com.cloud.bridge.model.CloudStackUserVO;
 import com.cloud.bridge.model.UserCredentialsVO;
 import com.cloud.bridge.persist.dao.CloudStackConfigurationDao;
+import com.cloud.bridge.persist.dao.CloudStackUserDaoImpl;
 import com.cloud.bridge.persist.dao.OfferingDaoImpl;
 import com.cloud.bridge.persist.dao.UserCredentialsDaoImpl;
 import com.cloud.bridge.service.controller.s3.ServiceProvider;
@@ -152,6 +153,7 @@ public class EC2RestServlet extends HttpServlet {
     private static final long serialVersionUID = -6168996266762804888L;
     @Inject UserCredentialsDaoImpl ucDao;
     @Inject OfferingDaoImpl ofDao;
+    @Inject CloudStackUserDaoImpl userDao;
 
     public static final Logger logger = Logger.getLogger(EC2RestServlet.class);
 
@@ -686,46 +688,63 @@ public class EC2RestServlet extends HttpServlet {
             EC2request.setName( groupName[0] );
         else { response.sendError(530, "Missing GroupName parameter" ); return; }
 
+        // -> not clear how many parameters there are until we fail to get IpPermissions.n.IpProtocol
+        int nCount = 1, mCount;
+        do  {
         EC2IpPermission perm = new EC2IpPermission();       	
 
-        String[] protocol = request.getParameterValues( "IpProtocol" );
+            String[] protocol = request.getParameterValues( "IpPermissions." + nCount + ".IpProtocol" );
         if ( null != protocol && 0 < protocol.length ) 
-            perm.setProtocol( protocol[0] );
-        else { response.sendError(530, "Missing IpProtocol parameter" ); return; }
+                perm.setProtocol( protocol[0]);
+            else break;
 
-        String[] fromPort = request.getParameterValues( "FromPort" );
-        if ( null != fromPort && 0 < fromPort.length ) 
-            perm.setProtocol( fromPort[0] );
-        else { response.sendError(530, "Missing FromPort parameter" ); return; }
+            String[] fromPort = request.getParameterValues( "IpPermissions." + nCount + ".FromPort" );
+            if ( null != fromPort && 0 < fromPort.length)
+                perm.setFromPort( Integer.parseInt( fromPort[0]));
 
-        String[] toPort = request.getParameterValues( "ToPort" );
-        if ( null != toPort && 0 < toPort.length ) 
-            perm.setProtocol( toPort[0] );
-        else { response.sendError(530, "Missing ToPort parameter" ); return; }
+            String[] toPort = request.getParameterValues( "IpPermissions." + nCount + ".ToPort" );
+            if ( null != toPort && 0 < toPort.length)
+                perm.setToPort( Integer.parseInt( toPort[0]));
 
-        String[] ranges = request.getParameterValues( "CidrIp" );
+            // -> list: IpPermissions.n.IpRanges.m.CidrIp
+            mCount = 1;
+            do {
+                String[] ranges = request.getParameterValues( "IpPermissions." + nCount + ".IpRanges." + mCount + ".CidrIp" );
         if ( null != ranges && 0 < ranges.length) 
-            perm.addIpRange( ranges[0] );
-        else { response.sendError(530, "Missing CidrIp parameter" ); return; }
+                    perm.addIpRange( ranges[0]);
+                else break;
+                mCount++;
+            } while( true );
 
-        String[] user = request.getParameterValues( "SourceSecurityGroupOwnerId" );
-        if ( null == user || 0 == user.length) { 
-            response.sendError(530, "Missing SourceSecurityGroupOwnerId parameter" ); 
-            return; 
-        }
+            // -> list: IpPermissions.n.Groups.m.UserId and IpPermissions.n.Groups.m.GroupName
+            mCount = 1;
+            do {
+                EC2SecurityGroup group = new EC2SecurityGroup();
 
-        String[] name = request.getParameterValues( "SourceSecurityGroupName" );
-        if ( null == name || 0 == name.length) {
-            response.sendError(530, "Missing SourceSecurityGroupName parameter" ); 
+                String[] user = request.getParameterValues( "IpPermissions." + nCount + ".Groups." + mCount + ".UserId" );
+                if ( null != user && 0 < user.length)
+                    group.setAccount( user[0]);
+                else break;
+
+                String[] name = request.getParameterValues( "IpPermissions." + nCount + ".Groups." + mCount + ".GroupName" );
+                if ( null != name && 0 < name.length)
+                    group.setName( name[0]);
+                else break;
+
+                perm.addUser( group);
+                mCount++;
+            } while( true );
+
+            // -> multiple IP permissions can be specified per group name
+            EC2request.addIpPermission( perm);
+            nCount++;
+        } while( true );
+
+        if (1 == nCount) {
+            response.sendError(530, "At least one IpPermissions required" );
             return; 		
         }
 
-        EC2SecurityGroup group = new EC2SecurityGroup();
-        group.setAccount( user[0] );
-        group.setName( name[0] );
-        perm.addUser( group );
-        EC2request.addIpPermission( perm );	
-
         // -> execute the request
         RevokeSecurityGroupIngressResponse EC2response = EC2SoapServiceImpl.toRevokeSecurityGroupIngressResponse( 
                 ServiceProvider.getInstance().getEC2Engine().revokeSecurityGroup( EC2request ));
@@ -753,10 +772,12 @@ public class EC2RestServlet extends HttpServlet {
         else break;
 
         String[] fromPort = request.getParameterValues( "IpPermissions." + nCount + ".FromPort" );
-        if (null != fromPort && 0 < fromPort.length) perm.setProtocol( fromPort[0] );
+            if ( null != fromPort && 0 < fromPort.length)
+                perm.setFromPort( Integer.parseInt( fromPort[0]));
 
         String[] toPort = request.getParameterValues( "IpPermissions." + nCount + ".ToPort" );
-        if (null != toPort && 0 < toPort.length) perm.setProtocol( toPort[0] );
+            if ( null != toPort && 0 < toPort.length)
+                perm.setToPort( Integer.parseInt( toPort[0]));
 
         // -> list: IpPermissions.n.IpRanges.m.CidrIp
         int mCount = 1;
@@ -1723,17 +1744,13 @@ public class EC2RestServlet extends HttpServlet {
             }
         } 
 
-        // [B] Use the cloudAccessKey to get the users secret key in the db
-        UserCredentialsVO cloudKeys = ucDao.getByAccessKey( cloudAccessKey );
-
-        if ( null == cloudKeys ) 
-        {
-            logger.debug( cloudAccessKey + " is not defined in the EC2 service - call SetUserKeys" );
-            response.sendError(404, cloudAccessKey + " is not defined in the EC2 service - call SetUserKeys" ); 
-            return false; 
+        // [B] Use the access key to get the users secret key from the cloud DB
+        cloudSecretKey = userDao.getSecretKeyByAccessKey( cloudAccessKey );
+        if ( cloudSecretKey == null ) {
+            logger.debug("No Secret key found for Access key '" + cloudAccessKey + "' in the the EC2 service");
+            throw new EC2ServiceException( ClientError.AuthFailure, "No Secret key found for Access key '" + cloudAccessKey +
+                    "' in the the EC2 service" );
         }
-        else cloudSecretKey = cloudKeys.getSecretKey(); 
-
 
         // [C] Verify the signature
         //  -> getting the query-string in this way maintains its URL encoding
@@ -1760,7 +1777,7 @@ public class EC2RestServlet extends HttpServlet {
                     // exclude the signature string obviously. ;)
                     if (paramName.equalsIgnoreCase("Signature")) continue;
                     if (queryString == null) 
-                        queryString = paramName + "=" + request.getParameter(paramName);
+                        queryString = paramName + "=" + URLEncoder.encode(request.getParameter(paramName), "UTF-8"); 
                     else 
                         queryString = queryString + "&" + paramName + "=" + URLEncoder.encode(request.getParameter(paramName), "UTF-8"); 
                 }
diff --git a/awsapi/src/com/cloud/bridge/service/EC2SoapServiceImpl.java b/awsapi/src/com/cloud/bridge/service/EC2SoapServiceImpl.java
index 6ac8c97e666..b2451c6a0cb 100644
--- a/awsapi/src/com/cloud/bridge/service/EC2SoapServiceImpl.java
+++ b/awsapi/src/com/cloud/bridge/service/EC2SoapServiceImpl.java
@@ -1379,7 +1379,7 @@ public class EC2SoapServiceImpl implements AmazonEC2SkeletonInterface  {
 	        param7.setDnsName( "" );
 	        param7.setReason( "" );
             param7.setKeyName( inst.getKeyPairName());
-	        param7.setAmiLaunchIndex( "" );
+            param7.setAmiLaunchIndex( null );
 	        param7.setInstanceType( inst.getServiceOffering());
 	        
 	        ProductCodesSetType param9 = new ProductCodesSetType();
@@ -1701,7 +1701,7 @@ public class EC2SoapServiceImpl implements AmazonEC2SkeletonInterface  {
 	        param7.setDnsName( "" );
 	        param7.setReason( "" );
             param7.setKeyName( inst.getKeyPairName());
-	        param7.setAmiLaunchIndex( "" );
+            param7.setAmiLaunchIndex( null );
 	        
 	        ProductCodesSetType param9 = new ProductCodesSetType();
 	        ProductCodesSetItemType param10 = new ProductCodesSetItemType();
diff --git a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2AddressFilterSet.java b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2AddressFilterSet.java
index cb21fb2c0ae..1823b26218c 100644
--- a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2AddressFilterSet.java
+++ b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2AddressFilterSet.java
@@ -63,22 +63,21 @@ public class EC2AddressFilterSet {
 	}
 
 
-	public EC2DescribeAddressesResponse evaluate( List<EC2Address> addresses) throws ParseException	{
+    public EC2DescribeAddressesResponse evaluate( EC2DescribeAddressesResponse response) throws ParseException	{
 		EC2DescribeAddressesResponse resultList = new EC2DescribeAddressesResponse();
 		
 		boolean matched;
 		
+        EC2Address[] addresses = response.getAddressSet();
 		EC2Filter[] filterSet = getFilterSet();
 		for ( EC2Address address : addresses ) {
 			matched = true;
-			if (filterSet != null) {
-				for (EC2Filter filter : filterSet) {
-					if (!filterMatched(address, filter)) {
-						matched = false;
-						break;
-					}
-				}
-			}
+            for (EC2Filter filter : filterSet) {
+                if (!filterMatched(address, filter)) {
+                    matched = false;
+                    break;
+                }
+            }
 			if (matched == true)
 				resultList.addAddress(address);
 
diff --git a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
index 9c0dc674577..8a5a733c4fb 100644
--- a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
+++ b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
@@ -320,7 +320,7 @@ public class EC2Engine extends ManagerBase {
                 throw new EC2ServiceException(ClientError.InvalidGroup_NotFound, "Cannot find matching ruleid.");
 
             CloudStackInfoResponse resp = getApi().revokeSecurityGroupIngress(ruleId);
-            if (resp != null && resp.getId() != null) {
+            if (resp != null) {
                 return resp.getSuccess();
             }
             return false;
@@ -351,7 +351,7 @@ public class EC2Engine extends ManagerBase {
                     pair.setKeyValue(group.getAccount(), group.getName());
                     secGroupList.add(pair);
                 }
-                CloudStackSecurityGroupIngress resp = null;
+                CloudStackSecurityGroup resp = null;
                 if (ipPerm.getProtocol().equalsIgnoreCase("icmp")) {
                     resp = getApi().authorizeSecurityGroupIngress(null, constructList(ipPerm.getIpRangeSet()), null, null, 
                             ipPerm.getIcmpCode(), ipPerm.getIcmpType(), ipPerm.getProtocol(), null, 
@@ -361,11 +361,14 @@ public class EC2Engine extends ManagerBase {
                             ipPerm.getToPort().longValue(), null, null, ipPerm.getProtocol(), null, request.getName(), 
                             ipPerm.getFromPort().longValue(), secGroupList);
                 }
-                if (resp != null && resp.getRuleId() != null) {
-                    return true;
-                }
+                if (resp != null ){
+                    List<CloudStackIngressRule> ingressRules = resp.getIngressRules();
+                    for (CloudStackIngressRule ingressRule : ingressRules)
+                        if (ingressRule.getRuleId() == null) return false;
+                } else {
                 return false;
             }
+			}
         } catch(Exception e) {
             logger.error( "EC2 AuthorizeSecurityGroupIngress - ", e);
             throw new EC2ServiceException(ServerError.InternalError, e.getMessage());
@@ -719,53 +722,22 @@ public class EC2Engine extends ManagerBase {
             throw new EC2ServiceException(ServerError.InternalError, e.getMessage());
         }
     }
+
     /**
-     * Lists SSH KeyPairs on the systme
+     * Lists SSH KeyPairs on the system
      * 
      * @param request
      * @return
      */
     public EC2DescribeKeyPairsResponse describeKeyPairs( EC2DescribeKeyPairs request ) {
         try {
-            EC2KeyPairFilterSet filterSet = request.getKeyFilterSet();
-            String[] keyNames = request.getKeyNames();
-            List<CloudStackKeyPair> keyPairs = getApi().listSSHKeyPairs(null, null, null);
-            List<EC2SSHKeyPair> keyPairsList = new ArrayList<EC2SSHKeyPair>();
+            EC2DescribeKeyPairsResponse response = listKeyPairs(request.getKeyNames());
+            EC2KeyPairFilterSet kfs = request.getKeyFilterSet();
 
-            if (keyPairs != null) {
-                // Let's trim the list of keypairs to only the ones listed in keyNames
-                List<CloudStackKeyPair> matchedKeyPairs = new ArrayList<CloudStackKeyPair>();
-                if (keyNames != null && keyNames.length > 0) {
-                    for (CloudStackKeyPair keyPair : keyPairs) {
-                        boolean matched = false;
-                        for (String keyName : keyNames) {
-                            if (keyPair.getName().equalsIgnoreCase(keyName)) {
-                                matched = true;
-                                break;
-                            }
-                        }
-                        if (matched) {
-                            matchedKeyPairs.add(keyPair);
-                        }
-                    }
-                    if (matchedKeyPairs.isEmpty()) {
-                        throw new EC2ServiceException(ServerError.InternalError, "No matching keypairs found");
-                    }
-                }else{
-                    matchedKeyPairs = keyPairs;
-                }
-
-
-                // this should be reworked... converting from CloudStackKeyPairResponse to EC2SSHKeyPair is dumb
-                for (CloudStackKeyPair respKeyPair: matchedKeyPairs) {
-                    EC2SSHKeyPair ec2KeyPair = new EC2SSHKeyPair();
-                    ec2KeyPair.setFingerprint(respKeyPair.getFingerprint());
-                    ec2KeyPair.setKeyName(respKeyPair.getName());
-                    ec2KeyPair.setPrivateKey(respKeyPair.getPrivatekey());
-                    keyPairsList.add(ec2KeyPair);
-                }
-            }
-            return filterSet.evaluate(keyPairsList);
+            if (kfs == null)
+                return response;
+            else
+                return kfs.evaluate(response);
         } catch(Exception e) {
             logger.error("EC2 DescribeKeyPairs - ", e);
             throw new EC2ServiceException(ServerError.InternalError, e.getMessage());
@@ -850,24 +822,13 @@ public class EC2Engine extends ManagerBase {
      */
     public EC2DescribeAddressesResponse describeAddresses( EC2DescribeAddresses request ) {
         try {
-            List<CloudStackIpAddress> addrList = getApi().listPublicIpAddresses(null, null, null, null, null, null, null, null, null);
+            EC2DescribeAddressesResponse response = listAddresses(request.getPublicIpsSet());
+            EC2AddressFilterSet afs = request.getFilterSet();
 
-            EC2AddressFilterSet filterSet = request.getFilterSet();
-            List<EC2Address> addressList = new ArrayList<EC2Address>();
-            if (addrList != null && addrList.size() > 0) {
-                for (CloudStackIpAddress addr: addrList) {
-                    // remember, if no filters are set, request.inPublicIpSet always returns true
-                    if (request.inPublicIpSet(addr.getIpAddress())) {
-                        EC2Address ec2Address = new EC2Address();
-                        ec2Address.setIpAddress(addr.getIpAddress());
-                        if (addr.getVirtualMachineId() != null) 
-                            ec2Address.setAssociatedInstanceId(addr.getVirtualMachineId().toString());
-                        addressList.add(ec2Address);
-                    }
-                }
-            }
-
-            return filterSet.evaluate(addressList);
+            if (afs ==null)
+                return response;
+            else
+                return afs.evaluate(response);
         } catch(Exception e) {
             logger.error("EC2 DescribeAddresses - ", e);
             throw new EC2ServiceException(ServerError.InternalError, e.getMessage());
@@ -2085,6 +2046,71 @@ public class EC2Engine extends ManagerBase {
         }
     }
 
+    private EC2DescribeKeyPairsResponse listKeyPairs( String[] keyNames ) throws Exception {
+        try {
+            EC2DescribeKeyPairsResponse keyPairSet = new EC2DescribeKeyPairsResponse();
+
+            List<CloudStackKeyPair> keyPairs = getApi().listSSHKeyPairs(null, null, null);
+            if (keyPairs != null && keyPairs.size() > 0) {
+                for (CloudStackKeyPair keyPair : keyPairs) {
+                    boolean matched = false;
+                    if (keyNames.length > 0) {
+                        for (String keyName : keyNames) {
+                            if (keyName.equalsIgnoreCase(keyPair.getName())) {
+                                matched = true;
+                                break;
+                            }
+                        }
+                    } else matched = true;
+                    if (!matched) continue;
+                    EC2SSHKeyPair ec2KeyPair = new EC2SSHKeyPair();
+                    ec2KeyPair.setFingerprint(keyPair.getFingerprint());
+                    ec2KeyPair.setKeyName(keyPair.getName());
+                    ec2KeyPair.setPrivateKey(keyPair.getPrivatekey());
+
+                    keyPairSet.addKeyPair(ec2KeyPair);
+                }
+            }
+            return keyPairSet;
+        } catch(Exception e) {
+            logger.error( "List Keypairs - ", e);
+            throw new EC2ServiceException(ServerError.InternalError, e.getMessage());
+        }
+    }
+
+    private EC2DescribeAddressesResponse listAddresses(String[] addressNames) throws Exception {
+        try {
+            EC2DescribeAddressesResponse addressSet = new EC2DescribeAddressesResponse();
+
+            List<CloudStackIpAddress> addresses = getApi().listPublicIpAddresses(null, null, null, null, null, null, null, null, null);
+            if (addresses != null && addresses.size() > 0) {
+                for (CloudStackIpAddress address : addresses) {
+                    boolean matched = false;
+                    if ( addressNames.length > 0) {
+                        for (String addressName : addressNames) {
+                            if (address.getIpAddress().equalsIgnoreCase(addressName)) {
+                                matched = true;
+                                break;
+                            }
+                        }
+                    } else matched = true;
+
+                    if (!matched) continue ;
+
+                    EC2Address ec2Address = new EC2Address();
+                    ec2Address.setIpAddress(address.getIpAddress());
+                    if (address.getVirtualMachineId() != null)
+                        ec2Address.setAssociatedInstanceId(address.getVirtualMachineId().toString());
+                    addressSet.addAddress(ec2Address);
+                }
+            }
+            return addressSet;
+        } catch(Exception e) {
+            logger.error( "List Addresses - ", e);
+            throw new EC2ServiceException(ServerError.InternalError, e.getMessage());
+        }
+    }
+
     /**
      * Convert ingress rule to EC2IpPermission records
      * 
diff --git a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2KeyPairFilterSet.java b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2KeyPairFilterSet.java
index 021487c7f71..2ad005b7dc2 100644
--- a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2KeyPairFilterSet.java
+++ b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2KeyPairFilterSet.java
@@ -62,14 +62,14 @@ public class EC2KeyPairFilterSet {
 	}
 
 
-	public EC2DescribeKeyPairsResponse evaluate( List<EC2SSHKeyPair> sampleList) throws ParseException	{
+    public EC2DescribeKeyPairsResponse evaluate( EC2DescribeKeyPairsResponse response ) throws ParseException {
 		EC2DescribeKeyPairsResponse resultList = new EC2DescribeKeyPairsResponse();
 		
 		boolean matched;
 		
-		EC2SSHKeyPair[] keypairSet = sampleList.toArray(new EC2SSHKeyPair[0]);
+        EC2SSHKeyPair[] keyPairSet = response.getKeyPairSet();
 		EC2Filter[] filterSet = getFilterSet();
-		for (EC2SSHKeyPair keyPair : keypairSet) {
+        for (EC2SSHKeyPair keyPair : keyPairSet) {
 			matched = true;
 			for (EC2Filter filter : filterSet) {
 				if (!filterMatched(keyPair, filter)) {
diff --git a/awsapi/src/com/cloud/stack/CloudStackApi.java b/awsapi/src/com/cloud/stack/CloudStackApi.java
index 52c2459e072..5a30ef22785 100644
--- a/awsapi/src/com/cloud/stack/CloudStackApi.java
+++ b/awsapi/src/com/cloud/stack/CloudStackApi.java
@@ -1115,9 +1115,9 @@ public class CloudStackApi {
 	 * @return
 	 * @throws Exception
 	 */
-	public CloudStackSecurityGroupIngress authorizeSecurityGroupIngress(String account, String cidrList, String domainId, Long endPort, 
-			String icmpCode, String icmpType, String protocol, String securityGroupId, String securityGroupName, Long startPort, 
-			List<CloudStackKeyValue> userSecurityGroupList) throws Exception {
+    public CloudStackSecurityGroup authorizeSecurityGroupIngress(String account, String cidrList, String domainId, Long endPort,
+            String icmpCode, String icmpType, String protocol, String securityGroupId, String securityGroupName, Long startPort,
+            List<CloudStackKeyValue> userSecurityGroupList) throws Exception {
 		CloudStackCommand cmd = new CloudStackCommand(ApiConstants.AUTHORIZE_SECURITY_GROUP_INGRESS);
 		if (cmd != null) {
 			if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account);
@@ -1139,7 +1139,8 @@ public class CloudStackApi {
 				}				
 			}
 		}
-		return _client.call(cmd, apiKey, secretKey, true, ApiConstants.AUTHORIZE_SECURITY_GROUP_INGRESS_RESPONSE, ApiConstants.SECURITY_GROUP, CloudStackSecurityGroupIngress.class);
+        return _client.call(cmd, apiKey, secretKey, true, ApiConstants.AUTHORIZE_SECURITY_GROUP_INGRESS_RESPONSE,
+                ApiConstants.SECURITY_GROUP, CloudStackSecurityGroup.class);
 	}
 
 	/**
diff --git a/client/tomcatconf/componentContext.xml.in b/client/tomcatconf/componentContext.xml.in
index 13779251554..48ed9f57c13 100644
--- a/client/tomcatconf/componentContext.xml.in
+++ b/client/tomcatconf/componentContext.xml.in
@@ -49,7 +49,7 @@
   <bean id="securityGroupManagerImpl2" class="com.cloud.network.security.SecurityGroupManagerImpl2" />
   <bean id="premiumSecondaryStorageManagerImpl" class="com.cloud.secstorage.PremiumSecondaryStorageManagerImpl" />
   <bean id="randomlyIncreasingVMInstanceDaoImpl" class="com.cloud.vm.dao.RandomlyIncreasingVMInstanceDaoImpl" />
-    
+  <bean id="ipv6AddressManagerImpl" class="com.cloud.network.Ipv6AddressManagerImpl" />
    
   <!--
       Network Elements
diff --git a/client/tomcatconf/components.xml.in b/client/tomcatconf/components.xml.in
index c41d4f4f18f..e9bd56a59e3 100755
--- a/client/tomcatconf/components.xml.in
+++ b/client/tomcatconf/components.xml.in
@@ -271,6 +271,7 @@ under the License.
         <dao name="Site2SiteCustomerGatewayDao" class="com.cloud.network.dao.Site2SiteCustomerGatewayDaoImpl" singleton="false"/>
         <dao name="Site2SiteVpnGatewayDao" class="com.cloud.network.dao.Site2SiteVpnGatewayDaoImpl" singleton="false"/>
         <dao name="Site2SiteVpnConnectionDao" class="com.cloud.network.dao.Site2SiteVpnConnectionDaoImpl" singleton="false"/>
+        <dao name="UserIpv6AddressDao" class="com.cloud.network.dao.UserIpv6AddressDaoImpl" singleton="false"/>
     </configuration-server>
     
     <awsapi-ec2server class="com.cloud.bridge.service.EC2MainServlet">
diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
index 5354d89847a..fc7f08f76a2 100755
--- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@@ -579,7 +579,9 @@ public class VirtualRoutingResource implements Manager {
     protected synchronized Answer execute (final DhcpEntryCommand cmd) {
         final Script command  = new Script(_dhcpEntryPath, _timeout, s_logger);
         command.add("-r", cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP));
+        if (cmd.getVmIpAddress() != null) {
         command.add("-v", cmd.getVmIpAddress());
+        }
         command.add("-m", cmd.getVmMac());
         command.add("-n", cmd.getVmName());
         
@@ -594,6 +596,11 @@ public class VirtualRoutingResource implements Manager {
         	command.add("-N", cmd.getDefaultDns());
         }
 
+        if (cmd.getVmIp6Address() != null) {
+        	command.add("-6", cmd.getVmIp6Address());
+        	command.add("-u", cmd.getDuid());
+        }
+
         final String result = command.execute();
         return new Answer(cmd, result==null, result);
     }
diff --git a/patches/systemvm/debian/config/etc/dnsmasq.conf b/patches/systemvm/debian/config/etc/dnsmasq.conf
index 8f999a75cb1..7d656cb2b77 100644
--- a/patches/systemvm/debian/config/etc/dnsmasq.conf
+++ b/patches/systemvm/debian/config/etc/dnsmasq.conf
@@ -4,11 +4,16 @@
 # as the long options legal on the command line. See
 # "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
 
+# Listen on this specific port instead of the standard DNS port
+# (53). Setting this to zero completely disables DNS function,
+# leaving only DHCP and/or TFTP.
+#port=5353
+
 # The following two options make you a better netizen, since they
 # tell dnsmasq to filter out queries which the public DNS cannot
 # answer, and which load the servers (especially the root servers)
-# uneccessarily. If you have a dial-on-demand link they also stop
-# these requests from bringing up the link uneccessarily.
+# unnecessarily. If you have a dial-on-demand link they also stop
+# these requests from bringing up the link unnecessarily.
 
 # Never forward plain names (without a dot or domain part)
 domain-needed
@@ -19,10 +24,10 @@ bogus-priv
 # Uncomment this to filter useless windows-originated DNS requests
 # which can trigger dial-on-demand links needlessly.
 # Note that (amongst other things) this blocks all SRV requests,
-# so don't use it if you use eg Kerberos.
+# so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk.
 # This option only affects forwarding, SRV records originating for
 # dnsmasq (via srv-host= lines) are not suppressed by it.
-#filterwin2k
+filterwin2k
 
 # Change this line if you want dns to get its upstream servers from
 # somewhere other that /etc/resolv.conf
@@ -48,7 +53,7 @@ resolv-file=/etc/dnsmasq-resolv.conf
 # non-public domains.
 #server=/localnet/192.168.0.1
 
-# Example of routing PTR queries to nameservers: this will send all 
+# Example of routing PTR queries to nameservers: this will send all
 # address->name queries for 192.168.3/24 to nameserver 10.1.2.3
 #server=/3.168.192.in-addr.arpa/10.1.2.3
 
@@ -57,9 +62,21 @@ resolv-file=/etc/dnsmasq-resolv.conf
 local=/2.vmops-test.vmops.com/
 
 # Add domains which you want to force to an IP address here.
-# The example below send any host in doubleclick.net to a local
-# webserver.
-#address=/doubleclick.net/127.0.0.1
+# The example below send any host in double-click.net to a local
+# web-server.
+#address=/double-click.net/127.0.0.1
+
+# --address (and --server) work with IPv6 addresses too.
+#address=/www.thekelleys.org.uk/fe80::20d:60ff:fe36:f83
+
+# You can control how dnsmasq talks to a server: this forces
+# queries to 10.1.2.3 to be routed via eth1
+# server=10.1.2.3@eth1
+
+# and this sets the source (ie local) address used to talk to
+# 10.1.2.3 to 192.168.1.1 port 55 (there must be a interface with that
+# IP on the machine, obviously).
+# server=10.1.2.3@192.168.1.1#55
 
 # If you want dnsmasq to change uid and gid to something other
 # than the default, edit the following lines.
@@ -80,7 +97,7 @@ except-interface=lo
 #listen-address=
 # If you want dnsmasq to provide only DNS service on an interface,
 # configure it as shown above, and then use the following line to
-# disable DHCP on it.
+# disable DHCP and TFTP on it.
 no-dhcp-interface=eth1
 no-dhcp-interface=eth2
 
@@ -113,13 +130,19 @@ expand-hosts
 # 3) Provides the domain part for "expand-hosts"
 domain=2.vmops-test.vmops.com
 
+# Set a different domain for a particular subnet
+#domain=wireless.thekelleys.org.uk,192.168.2.0/24
+
+# Same idea, but range rather then subnet
+#domain=reserved.thekelleys.org.uk,192.68.3.100,192.168.3.200
+
 # Uncomment this to enable the integrated DHCP server, you need
 # to supply the range of addresses available for lease and optionally
 # a lease time. If you have more than one network, you will need to
 # repeat this for each network on which you want to supply DHCP
 # service.
-dhcp-range=10.1.1.1,static
-#dhcp-range=10.0.0.1,10.255.255.255
+dhcp-range_ip4=10.1.1.1,static
+dhcp-range_ip6=::1,static
 dhcp-hostsfile=/etc/dhcphosts.txt
 
 # This is an example of a DHCP range where the netmask is given. This
@@ -128,17 +151,68 @@ dhcp-hostsfile=/etc/dhcphosts.txt
 # don't need to worry about this.
 #dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h
 
-# This is an example of a DHCP range with a network-id, so that
+# This is an example of a DHCP range which sets a tag, so that
 # some DHCP options may be set only for this network.
-#dhcp-range=red,192.168.0.50,192.168.0.150
+#dhcp-range=set:red,192.168.0.50,192.168.0.150
+
+# Use this DHCP range only when the tag "green" is set.
+#dhcp-range=tag:green,192.168.0.50,192.168.0.150,12h
+
+# Specify a subnet which can't be used for dynamic address allocation,
+# is available for hosts with matching --dhcp-host lines. Note that
+# dhcp-host declarations will be ignored unless there is a dhcp-range
+# of some type for the subnet in question.
+# In this case the netmask is implied (it comes from the network
+# configuration on the machine running dnsmasq) it is possible to give
+# an explicit netmask instead.
+#dhcp-range=192.168.0.0,static
+
+# Enable DHCPv6. Note that the prefix-length does not need to be specified
+# and defaults to 64 if missing/
+#dhcp-range=1234::2, 1234::500, 64, 12h
+
+# Do Router Advertisements, BUT NOT DHCP for this subnet.
+#dhcp-range=1234::, ra-only 
+
+# Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
+# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack 
+# hosts. Use the DHCPv4 lease to derive the name, network segment and 
+# MAC address and assume that the host will also have an
+# IPv6 address calculated using the SLAAC alogrithm.
+#dhcp-range=1234::, ra-names
+
+# Do Router Advertisements, BUT NOT DHCP for this subnet.
+# Set the lifetime to 46 hours. (Note: minimum lifetime is 2 hours.)
+#dhcp-range=1234::, ra-only, 48h
+
+# Do DHCP and Router Advertisements for this subnet. Set the A bit in the RA
+# so that clients can use SLAAC addresses as well as DHCP ones.
+#dhcp-range=1234::2, 1234::500, slaac
+
+# Do Router Advertisements and stateless DHCP for this subnet. Clients will
+# not get addresses from DHCP, but they will get other configuration information.
+# They will use SLAAC for addresses.
+#dhcp-range=1234::, ra-stateless
+
+# Do stateless DHCP, SLAAC, and generate DNS names for SLAAC addresses
+# from DHCPv4 leases.
+#dhcp-range=1234::, ra-stateless, ra-names
+
+# Do router advertisements for all subnets where we're doing DHCPv6
+# Unless overriden by ra-stateless, ra-names, et al, the router 
+# advertisements will have the M and O bits set, so that the clients
+# get addresses and configuration from DHCPv6, and the A bit reset, so the 
+# clients don't use SLAAC addresses.
+#enable-ra
 
 # Supply parameters for specified hosts using DHCP. There are lots
 # of valid alternatives, so we will give examples of each. Note that
 # IP addresses DO NOT have to be in the range given above, they just
 # need to be on the same network. The order of the parameters in these
-# do not matter, it's permissble to give name,adddress and MAC in any order
+# do not matter, it's permissible to give name, address and MAC in any
+# order.
 
-# Always allocate the host with ethernet address 11:22:33:44:55:66
+# Always allocate the host with Ethernet address 11:22:33:44:55:66
 # The IP address 192.168.0.60
 #dhcp-host=11:22:33:44:55:66,192.168.0.60
 
@@ -146,11 +220,19 @@ dhcp-hostsfile=/etc/dhcphosts.txt
 # 11:22:33:44:55:66 to be "fred"
 #dhcp-host=11:22:33:44:55:66,fred
 
-# Always give the host with ethernet address 11:22:33:44:55:66
+# Always give the host with Ethernet address 11:22:33:44:55:66
 # the name fred and IP address 192.168.0.60 and lease time 45 minutes
 #dhcp-host=11:22:33:44:55:66,fred,192.168.0.60,45m
 
-# Give the machine which says it's name is "bert" IP address
+# Give a host with Ethernet address 11:22:33:44:55:66 or
+# 12:34:56:78:90:12 the IP address 192.168.0.60. Dnsmasq will assume
+# that these two Ethernet interfaces will never be in use at the same
+# time, and give the IP address to the second, even if it is already
+# in use by the first. Useful for laptops with wired and wireless
+# addresses.
+#dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.60
+
+# Give the machine which says its name is "bert" IP address
 # 192.168.0.70 and an infinite lease
 #dhcp-host=bert,192.168.0.70,infinite
 
@@ -167,41 +249,47 @@ dhcp-hostsfile=/etc/dhcphosts.txt
 # it asks for a DHCP lease.
 #dhcp-host=judge
 
-# Never offer DHCP service to a machine whose ethernet
+# Never offer DHCP service to a machine whose Ethernet
 # address is 11:22:33:44:55:66
 #dhcp-host=11:22:33:44:55:66,ignore
 
-# Ignore any client-id presented by the machine with ethernet
+# Ignore any client-id presented by the machine with Ethernet
 # address 11:22:33:44:55:66. This is useful to prevent a machine
 # being treated differently when running under different OS's or
 # between PXE boot and OS boot.
 #dhcp-host=11:22:33:44:55:66,id:*
 
 # Send extra options which are tagged as "red" to
-# the machine with ethernet address 11:22:33:44:55:66
-#dhcp-host=11:22:33:44:55:66,net:red
+# the machine with Ethernet address 11:22:33:44:55:66
+#dhcp-host=11:22:33:44:55:66,set:red
 
 # Send extra options which are tagged as "red" to
-# any machine with ethernet address starting 11:22:33:
-#dhcp-host=11:22:33:*:*:*,net:red
+# any machine with Ethernet address starting 11:22:33:
+#dhcp-host=11:22:33:*:*:*,set:red
 
-# Ignore any clients which are specified in dhcp-host lines
-# or /etc/ethers. Equivalent to ISC "deny unkown-clients".
-# This relies on the special "known" tag which is set when 
+# Give a fixed IPv6 address and name to client with 
+# DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
+# Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
+# Note also the they [] around the IPv6 address are obilgatory.
+#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5] 
+
+# Ignore any clients which are not specified in dhcp-host lines
+# or /etc/ethers. Equivalent to ISC "deny unknown-clients".
+# This relies on the special "known" tag which is set when
 # a host is matched.
-#dhcp-ignore=#known
+#dhcp-ignore=tag:!known
 
 # Send extra options which are tagged as "red" to any machine whose
 # DHCP vendorclass string includes the substring "Linux"
-#dhcp-vendorclass=red,Linux
+#dhcp-vendorclass=set:red,Linux
 
 # Send extra options which are tagged as "red" to any machine one
 # of whose DHCP userclass strings includes the substring "accounts"
-#dhcp-userclass=red,accounts
+#dhcp-userclass=set:red,accounts
 
 # Send extra options which are tagged as "red" to any machine whose
 # MAC address matches the pattern.
-#dhcp-mac=red,00:60:8C:*:*:*
+#dhcp-mac=set:red,00:60:8C:*:*:*
 
 # If this line is uncommented, dnsmasq will read /etc/ethers and act
 # on the ethernet-address/IP pairs found there just as if they had
@@ -211,11 +299,11 @@ dhcp-hostsfile=/etc/dhcphosts.txt
 
 # Send options to hosts which ask for a DHCP lease.
 # See RFC 2132 for details of available options.
-# Common options can be given to dnsmasq by name: 
+# Common options can be given to dnsmasq by name:
 # run "dnsmasq --help dhcp" to get a list.
 # Note that all the common settings, such as netmask and
 # broadcast address, DNS server and default route, are given
-# sane defaults by dnsmasq. You very likely will not need 
+# sane defaults by dnsmasq. You very likely will not need
 # any dhcp-options. If you use Windows clients and Samba, there
 # are some options which are recommended, they are detailed at the
 # end of this section.
@@ -229,13 +317,20 @@ dhcp-hostsfile=/etc/dhcphosts.txt
 
 # Override the default route supplied by dnsmasq and send no default
 # route at all. Note that this only works for the options sent by
-# default (1, 3, 6, 12, 28) the same line will send a zero-length option 
+# default (1, 3, 6, 12, 28) the same line will send a zero-length option
 # for all other option numbers.
 #dhcp-option=3
 
 # Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5
 #dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
 
+# Send DHCPv6 option. Note [] around IPv6 addresses.
+#dhcp-option=option6:dns-server,[1234::77],[1234::88]
+
+# Send DHCPv6 option for namservers as the machine running 
+# dnsmasq and another.
+#dhcp-option=option6:dns-server,[::],[1234::88]
+
 # Set the NTP time server address to be the same machine as
 # is running dnsmasq
 #dhcp-option=42,0.0.0.0
@@ -258,20 +353,23 @@ dhcp-option=15,"2.vmops-test.vmops.com"
 
 # Specify an option which will only be sent to the "red" network
 # (see dhcp-range for the declaration of the "red" network)
-# Note that the net: part must precede the option: part.
-#dhcp-option = net:red, option:ntp-server, 192.168.1.1
+# Note that the tag: part must precede the option: part.
+#dhcp-option = tag:red, option:ntp-server, 192.168.1.1
 
 # The following DHCP options set up dnsmasq in the same way as is specified
 # for the ISC dhcpcd in
 # http://www.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt
 # adapted for a typical dnsmasq installation where the host running
 # dnsmasq is also the host running samba.
-# you may want to uncomment them if you use Windows clients and Samba.
+# you may want to uncomment some or all of them if you use
+# Windows clients and Samba.
 #dhcp-option=19,0           # option ip-forwarding off
 #dhcp-option=44,0.0.0.0     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
 #dhcp-option=45,0.0.0.0     # netbios datagram distribution server
 #dhcp-option=46,8           # netbios node type
-#dhcp-option=47             # empty netbios scope.
+
+# Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave.
+#dhcp-option=252,"\n"
 
 # Send RFC-3397 DNS domain search DHCP option. WARNING: Your DHCP client
 # probably doesn't support this......
@@ -280,10 +378,10 @@ dhcp-option=15,"2.vmops-test.vmops.com"
 # Send RFC-3442 classless static routes (note the netmask encoding)
 #dhcp-option=121,192.168.1.0/24,1.2.3.4,10.0.0.0/8,5.6.7.8
 
-# Send vendor-class specific options encapsulated in DHCP option 43. 
+# Send vendor-class specific options encapsulated in DHCP option 43.
 # The meaning of the options is defined by the vendor-class so
 # options are sent only when the client supplied vendor class
-# matches the class given here. (A substring match is OK, so "MSFT" 
+# matches the class given here. (A substring match is OK, so "MSFT"
 # matches "MSFT" and "MSFT 5.0"). This example sets the
 # mtftp address to 0.0.0.0 for PXEClients.
 #dhcp-option=vendor:PXEClient,1,0.0.0.0
@@ -300,7 +398,7 @@ dhcp-option=vendor:MSFT,2,1i
 
 # Send options to PXELinux. Note that we need to send the options even
 # though they don't appear in the parameter request list, so we need
-# to use dhcp-option-force here. 
+# to use dhcp-option-force here.
 # See http://syslinux.zytor.com/pxe.php#special for details.
 # Magic number - needed before anything else is recognised
 #dhcp-option-force=208,f1:00:74:7e
@@ -311,29 +409,97 @@ dhcp-option=vendor:MSFT,2,1i
 # Reboot time. (Note 'i' to send 32-bit value)
 #dhcp-option-force=211,30i
 
-# Set the boot filename for BOOTP. You will only need 
+# Set the boot filename for netboot/PXE. You will only need
 # this is you want to boot machines over the network and you will need
 # a TFTP server; either dnsmasq's built in TFTP server or an
 # external one. (See below for how to enable the TFTP server.)
 #dhcp-boot=pxelinux.0
 
+# The same as above, but use custom tftp-server instead machine running dnsmasq
+#dhcp-boot=pxelinux,server.name,192.168.1.100
+
+# Boot for Etherboot gPXE. The idea is to send two different
+# filenames, the first loads gPXE, and the second tells gPXE what to
+# load. The dhcp-match sets the gpxe tag for requests from gPXE.
+#dhcp-match=set:gpxe,175 # gPXE sends a 175 option.
+#dhcp-boot=tag:!gpxe,undionly.kpxe
+#dhcp-boot=mybootimage
+
+# Encapsulated options for Etherboot gPXE. All the options are
+# encapsulated within option 175
+#dhcp-option=encap:175, 1, 5b         # priority code
+#dhcp-option=encap:175, 176, 1b       # no-proxydhcp
+#dhcp-option=encap:175, 177, string   # bus-id
+#dhcp-option=encap:175, 189, 1b       # BIOS drive code
+#dhcp-option=encap:175, 190, user     # iSCSI username
+#dhcp-option=encap:175, 191, pass     # iSCSI password
+
+# Test for the architecture of a netboot client. PXE clients are
+# supposed to send their architecture as option 93. (See RFC 4578)
+#dhcp-match=peecees, option:client-arch, 0 #x86-32
+#dhcp-match=itanics, option:client-arch, 2 #IA64
+#dhcp-match=hammers, option:client-arch, 6 #x86-64
+#dhcp-match=mactels, option:client-arch, 7 #EFI x86-64
+
+# Do real PXE, rather than just booting a single file, this is an
+# alternative to dhcp-boot.
+#pxe-prompt="What system shall I netboot?"
+# or with timeout before first available action is taken:
+#pxe-prompt="Press F8 for menu.", 60
+
+# Available boot services. for PXE.
+#pxe-service=x86PC, "Boot from local disk"
+
+# Loads <tftp-root>/pxelinux.0 from dnsmasq TFTP server.
+#pxe-service=x86PC, "Install Linux", pxelinux
+
+# Loads <tftp-root>/pxelinux.0 from TFTP server at 1.2.3.4.
+# Beware this fails on old PXE ROMS.
+#pxe-service=x86PC, "Install Linux", pxelinux, 1.2.3.4
+
+# Use bootserver on network, found my multicast or broadcast.
+#pxe-service=x86PC, "Install windows from RIS server", 1
+
+# Use bootserver at a known IP address.
+#pxe-service=x86PC, "Install windows from RIS server", 1, 1.2.3.4
+
+# If you have multicast-FTP available,
+# information for that can be passed in a similar way using options 1
+# to 5. See page 19 of
+# http://download.intel.com/design/archives/wfm/downloads/pxespec.pdf
+
+
 # Enable dnsmasq's built-in TFTP server
 #enable-tftp
 
-# Set the root directory for files availble via FTP.
+# Set the root directory for files available via FTP.
 #tftp-root=/var/ftpd
 
 # Make the TFTP server more secure: with this set, only files owned by
 # the user dnsmasq is running as will be send over the net.
 #tftp-secure
 
+# This option stops dnsmasq from negotiating a larger blocksize for TFTP
+# transfers. It will slow things down, but may rescue some broken TFTP
+# clients.
+#tftp-no-blocksize
+
 # Set the boot file name only when the "red" tag is set.
 #dhcp-boot=net:red,pxelinux.red-net
 
-# An example of dhcp-boot with an external server: the name and IP
+# An example of dhcp-boot with an external TFTP server: the name and IP
 # address of the server are given after the filename.
+# Can fail with old PXE ROMS. Overridden by --pxe-service.
 #dhcp-boot=/var/ftpd/pxelinux.0,boothost,192.168.0.3
 
+# If there are multiple external tftp servers having a same name
+# (using /etc/hosts) then that name can be specified as the
+# tftp_servername (the third option to dhcp-boot) and in that
+# case dnsmasq resolves this name and returns the resultant IP
+# addresses in round robin fasion. This facility can be used to
+# load balance the tftp load among a set of servers.
+#dhcp-boot=/var/ftpd/pxelinux.0,boothost,tftp_server_name
+
 # Set the limit on DHCP leases, the default is 150
 #dhcp-lease-max=150
 
@@ -347,16 +513,16 @@ leasefile-ro
 # and take over the lease for any client which broadcasts on the network,
 # whether it has a record of the lease or not. This avoids long timeouts
 # when a machine wakes up on a new network. DO NOT enable this if there's
-# the slighest chance that you might end up accidentally configuring a DHCP
+# the slightest chance that you might end up accidentally configuring a DHCP
 # server for your campus/company accidentally. The ISC server uses
 # the same option, and this URL provides more information:
-# http://www.isc.org/index.pl?/sw/dhcp/authoritative.php
+# http://www.isc.org/files/auth.html
 #dhcp-authoritative
 
 # Run an executable when a DHCP lease is created or destroyed.
-# The arguments sent to the script are "add" or "del", 
+# The arguments sent to the script are "add" or "del",
 # then the MAC address, the IP address and finally the hostname
-# if there is one. 
+# if there is one.
 #dhcp-script=/bin/echo
 
 # Set the cachesize here.
@@ -385,7 +551,8 @@ leasefile-ro
 #alias=1.2.3.4,5.6.7.8
 # and this maps 1.2.3.x to 5.6.7.x
 #alias=1.2.3.0,5.6.7.0,255.255.255.0
-
+# and this maps 192.168.0.10->192.168.0.40 to 10.0.0.10->10.0.0.40
+#alias=192.168.0.10-192.168.0.40,10.0.0.0,255.255.255.0
 
 # Change these lines if you want dnsmasq to serve MX records.
 
@@ -415,12 +582,12 @@ leasefile-ro
 # set for this to work.)
 
 # A SRV record sending LDAP for the example.com domain to
-# ldapserver.example.com port 289
+# ldapserver.example.com port 389
 #srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
 
 # A SRV record sending LDAP for the example.com domain to
-# ldapserver.example.com port 289 (using domain=)
-###domain=example.com
+# ldapserver.example.com port 389 (using domain=)
+#domain=example.com
 #srv-host=_ldap._tcp,ldapserver.example.com,389
 
 # Two SRV records for LDAP, each with different priorities
@@ -448,6 +615,10 @@ leasefile-ro
 #Example zeroconf
 #txt-record=_http._tcp.example.com,name=value,paper=A4
 
+# Provide an alias for a "local" DNS name. Note that this _only_ works
+# for targets which are names from DHCP or /etc/hosts. Give host
+# "bert" another name, bertrand
+#cname=bertand,bert
 
 # For debugging purposes, log each DNS query as it passes through
 # dnsmasq.
@@ -461,6 +632,3 @@ log-facility=/var/log/dnsmasq.log
 # Include a another lot of configuration options.
 #conf-file=/etc/dnsmasq.more.conf
 conf-dir=/etc/dnsmasq.d
-
-# Don't reply Windows's periodical DNS request
-filterwin2k
diff --git a/patches/systemvm/debian/config/etc/init.d/cloud-early-config b/patches/systemvm/debian/config/etc/init.d/cloud-early-config
index 285a92fa0a6..db2fcc2046e 100755
--- a/patches/systemvm/debian/config/etc/init.d/cloud-early-config
+++ b/patches/systemvm/debian/config/etc/init.d/cloud-early-config
@@ -229,6 +229,23 @@ setup_interface() {
   fi
 }
 
+setup_interface_ipv6() {
+  sysctl net.ipv6.conf.all.disable_ipv6=0
+  sysctl net.ipv6.conf.all.accept_ra=1
+  
+  local intfnum=$1
+  local ipv6="$2"
+  local prelen="$3"
+  local intf=eth${intfnum}
+  
+  echo "iface $intf inet6 static" >> /etc/network/interfaces
+  echo "  address $ipv6 " >> /etc/network/interfaces
+  echo "  netmask $prelen" >> /etc/network/interfaces
+  echo "  accept_ra 1" >> /etc/network/interfaces
+  ifdown $intf
+  ifup $intf
+}
+
 enable_fwding() {
   local enabled=$1
   log_it "cloud: enable_fwding = $1"
@@ -303,7 +320,14 @@ disable_hvc() {
 
 setup_common() {
   init_interfaces $1 $2 $3
-  setup_interface "0" $ETH0_IP $ETH0_MASK $GW
+  if [ -n "$ETH0_IP" ]
+  then
+    setup_interface "0" $ETH0_IP $ETH0_MASK $GW
+  fi
+  if [ -n "$ETH0_IP6" ]
+  then
+	  setup_interface_ipv6 "0" $ETH0_IP6 $ETH0_IP6_PRELEN
+  fi
   setup_interface "1" $ETH1_IP $ETH1_MASK $GW
   if [ -n "$ETH2_IP" ]
   then
@@ -374,7 +398,8 @@ setup_common() {
 
 setup_dnsmasq() {
   log_it "Setting up dnsmasq"
-  [ -z $DHCP_RANGE ] && DHCP_RANGE=$ETH0_IP
+  [ -z $DHCP_RANGE ] && [ $ETH0_IP ] && DHCP_RANGE=$ETH0_IP
+  [ $ETH0_IP6 ] && DHCP_RANGE_IP6=$ETH0_IP6
   [ -z $DOMAIN ] && DOMAIN="cloudnine.internal"
   
   if [ -n "$DOMAIN" ]
@@ -398,8 +423,20 @@ setup_dnsmasq() {
       sed -i s/[#]*dhcp-option=15.*$/dhcp-option=15,\""$DNS_SEARCH_ORDER"\"/ /etc/dnsmasq.conf
   fi
   
-  sed -i -e "s/^dhcp-range=.*$/dhcp-range=$DHCP_RANGE,static/" /etc/dnsmasq.conf
-  sed -i -e "s/^[#]*listen-address=.*$/listen-address=$ETH0_IP/" /etc/dnsmasq.conf
+  if [ $DHCP_RANGE ]
+  then
+    sed -i -e "s/^dhcp-range_ip4=.*$/dhcp-range=$DHCP_RANGE,static/" /etc/dnsmasq.conf
+  else
+    sed -i -e "s/^dhcp-range_ip4=.*$//" /etc/dnsmasq.conf
+  fi
+  if [ $DHCP_RANGE_IP6 ]
+  then
+    sed -i -e "s/^dhcp-range_ip6=.*$/dhcp-range=$DHCP_RANGE_IP6,static/" /etc/dnsmasq.conf
+  else
+    sed -i -e "s/^dhcp-range_ip6=.*$//" /etc/dnsmasq.conf
+  fi
+
+  sed -i -e "s/^[#]*listen-address=.*$/listen-address=$LOCAL_ADDRS/" /etc/dnsmasq.conf
 
   if [ "$RROUTER" == "1" ]
   then
@@ -683,14 +720,15 @@ setup_dhcpsrvr() {
   if [ "$DEFAULTROUTE" != "false" ]
   then
     sed -i -e "/^[#]*dhcp-option=option:router.*$/d" /etc/dnsmasq.conf
-    echo "dhcp-option=option:router,$GW" >> /etc/dnsmasq.conf
+    [ $GW ] && echo "dhcp-option=option:router,$GW" >> /etc/dnsmasq.conf
     #for now set up ourself as the dns server as well
     sed -i -e "/^[#]*dhcp-option=6.*$/d" /etc/dnsmasq.conf
     if [ "$USE_EXTERNAL_DNS" == "true" ]
     then
         echo "dhcp-option=6,$NS" >> /etc/dnsmasq.conf
     else
-        echo "dhcp-option=6,$ETH0_IP,$NS" >> /etc/dnsmasq.conf
+        [ $ETH0_IP ] && echo "dhcp-option=6,$ETH0_IP,$NS" >> /etc/dnsmasq.conf
+        [ $ETH0_IP6 ] && echo "dhcp-option=option6:dns-server,[::]" >> /etc/dnsmasq.conf
     fi
   else
     sed -i -e "/^[#]*dhcp-option=option:router.*$/d" /etc/dnsmasq.conf
@@ -700,7 +738,8 @@ setup_dhcpsrvr() {
   fi
 
   sed -i  /gateway/d /etc/hosts
-  echo "$ETH0_IP $NAME" >> /etc/hosts
+  [ $ETH0_IP ] && echo "$ETH0_IP $NAME" >> /etc/hosts
+  [ $ETH0_IP6 ] && echo "$ETH0_IP6 $NAME" >> /etc/hosts
 
   enable_svc dnsmasq 1
   enable_svc haproxy 0
@@ -903,6 +942,9 @@ for i in $CMDLINE
       gateway)
           GW=$VALUE
           ;;
+      ip6gateway)
+          IP6GW=$VALUE
+          ;;
       eth0mask)
           ETH0_MASK=$VALUE
           ;;
@@ -912,6 +954,12 @@ for i in $CMDLINE
       eth2mask)
           ETH2_MASK=$VALUE
           ;;
+      eth0ip6)
+          ETH0_IP6=$VALUE
+          ;;
+      eth0ip6prelen)
+          ETH0_IP6_PRELEN=$VALUE
+          ;;
       internaldns1)
           internalNS1=$VALUE
           ;;
@@ -1001,8 +1049,11 @@ for i in $CMDLINE
         ;;
     esac
 done
-}
 
+[ $ETH0_IP ] && LOCAL_ADDRS=$ETH0_IP
+[ $ETH0_IP6 ] && LOCAL_ADDRS=$ETH0_IP6
+[ $ETH0_IP ] && [ $ETH0_IP6 ] && LOCAL_ADDRS="$ETH0_IP,$ETH0_IP6"
+}
 
 case "$1" in
 start)
diff --git a/patches/systemvm/debian/config/etc/sysctl.conf b/patches/systemvm/debian/config/etc/sysctl.conf
index 961d471dfa9..586d5bdb7c6 100644
--- a/patches/systemvm/debian/config/etc/sysctl.conf
+++ b/patches/systemvm/debian/config/etc/sysctl.conf
@@ -42,8 +42,8 @@ net.ipv4.tcp_max_tw_buckets=1000000
 net.core.somaxconn=1000000
 
 # Disable IPv6
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.all.forwarding = 0
-net.ipv6.conf.all.accept_ra = 0
+net.ipv6.conf.all.disable_ipv6 = 0
+net.ipv6.conf.all.forwarding = 1
+net.ipv6.conf.all.accept_ra = 1
 net.ipv6.conf.all.accept_redirects = 0
 net.ipv6.conf.all.autoconf = 0
diff --git a/patches/systemvm/debian/config/root/edithosts.sh b/patches/systemvm/debian/config/root/edithosts.sh
index 37c75a53022..3cf27427653 100755
--- a/patches/systemvm/debian/config/root/edithosts.sh
+++ b/patches/systemvm/debian/config/root/edithosts.sh
@@ -26,12 +26,43 @@
 # $5 : nameserver on default nic
 # $6 : comma separated static routes
 
-mac=$1
-ip=$2
-host=$3
-dflt=$4
-dns=$5
-routes=$6
+usage() {
+  printf "Usage: %s: -m <MAC address> -4 <IPv4 address> -6 <IPv6 address> -h <hostname> -d <default router> -n <name server address> -s <Routes> -u <DUID>\n" $(basename $0) >&2
+}
+
+mac=
+ipv4=
+ipv6=
+host=
+dflt=
+dns=
+routes=
+duid=
+
+while getopts 'm:4:h:d:n:s:6:u:' OPTION
+do
+  case $OPTION in
+  m)    mac="$OPTARG"
+        ;;
+  4)    ipv4="$OPTARG"
+        ;;
+  6)    ipv6="$OPTARG"
+        ;;
+  u)    duid="$OPTARG"
+        ;;
+  h)    host="$OPTARG"
+        ;;
+  d)    dflt="$OPTARG"
+        ;;
+  n)    dns="$OPTARG"
+        ;;
+  s)    routes="$OPTARG"
+        ;;
+  ?)    usage
+        exit 2
+        ;;
+  esac
+done
 
 DHCP_HOSTS=/etc/dhcphosts.txt
 DHCP_OPTS=/etc/dhcpopts.txt
@@ -70,26 +101,69 @@ logger -t cloud "edithosts: update $1 $2 $3 to hosts"
 [ ! -f $DHCP_LEASES ] && touch $DHCP_LEASES
 
 #delete any previous entries from the dhcp hosts file
-sed -i  /$mac/d $DHCP_HOSTS 
-sed -i  /$ip,/d $DHCP_HOSTS 
-sed -i  /$host,/d $DHCP_HOSTS 
+sed -i  /$mac/d $DHCP_HOSTS
+if [ $ipv4 ]
+then
+  sed -i  /$ipv4,/d $DHCP_HOSTS
+fi
+if [ $ipv6 ]
+then
+  sed -i  /$ipv6,/d $DHCP_HOSTS
+fi
+sed -i  /$host,/d $DHCP_HOSTS
 
 
 #put in the new entry
-echo "$mac,$ip,$host,infinite" >>$DHCP_HOSTS
+if [ $ipv4 ]
+then
+  echo "$mac,$ipv4,$host,infinite" >>$DHCP_HOSTS
+fi
+if [ $ipv6 ]
+then
+  echo "id:$duid,[$ipv6],$host,infinite" >>$DHCP_HOSTS
+fi
 
 #delete leases to supplied mac and ip addresses
-sed -i  /$mac/d $DHCP_LEASES 
-sed -i  /"$ip "/d $DHCP_LEASES 
+if [ $ipv4 ]
+then
+  sed -i  /$mac/d $DHCP_LEASES 
+  sed -i  /"$ipv4 "/d $DHCP_LEASES 
+fi
+if [ $ipv6 ]
+then
+  sed -i  /$duid/d $DHCP_LEASES 
+  sed -i  /"$ipv6 "/d $DHCP_LEASES 
+fi
 sed -i  /"$host "/d $DHCP_LEASES 
 
 #put in the new entry
-echo "0 $mac $ip $host *" >> $DHCP_LEASES
+if [ $ipv4 ]
+then
+  echo "0 $mac $ipv4 $host *" >> $DHCP_LEASES
+fi
+if [ $ipv6 ]
+then
+  echo "0 $duid $ipv6 $host *" >> $DHCP_LEASES
+fi
 
 #edit hosts file as well
-sed -i  /"$ip "/d $HOSTS
+if [ $ipv4 ]
+then
+  sed -i  /"$ipv4 "/d $HOSTS
+fi
+if [ $ipv6 ]
+then
+  sed -i  /"$ipv6 "/d $HOSTS
+fi
 sed -i  /" $host$"/d $HOSTS
-echo "$ip $host" >> $HOSTS
+if [ $ipv4 ]
+then
+  echo "$ipv4 $host" >> $HOSTS
+fi
+if [ $ipv6 ]
+then
+  echo "$ipv6 $host" >> $HOSTS
+fi
 
 if [ "$dflt" != "" ]
 then
@@ -97,26 +171,26 @@ then
   sed -i /dhcp-optsfile/d /etc/dnsmasq.conf
   echo "dhcp-optsfile=$DHCP_OPTS" >> /etc/dnsmasq.conf
 
-  tag=$(echo $ip | tr '.' '_')
+  tag=$(echo $ipv4 | tr '.' '_')
   sed -i /$tag/d $DHCP_OPTS
   if [ "$dflt" != "0.0.0.0" ]
   then
-      logger -t cloud "$0: setting default router for $ip to $dflt"
+      logger -t cloud "$0: setting default router for $ipv4 to $dflt"
       echo "$tag,3,$dflt" >> $DHCP_OPTS
   else
-      logger -t cloud "$0: unset default router for $ip"
+      logger -t cloud "$0: unset default router for $ipv4"
       echo "$tag,3," >> $DHCP_OPTS
   fi
   if [ "$dns" != "" ] 
   then
-    logger -t cloud "$0: setting dns server for $ip to $dns"
+    logger -t cloud "$0: setting dns server for $ipv4 to $dns"
     echo "$tag,6,$dns" >> $DHCP_OPTS
   fi
   [ "$routes" != "" ] && echo "$tag,121,$routes" >> $DHCP_OPTS
   #delete entry we just put in because we need a tag
-  sed -i  /$mac/d $DHCP_HOSTS 
+  sed -i  /$ipv4/d $DHCP_HOSTS 
   #put it back with a tag
-  echo "$mac,set:$tag,$ip,$host,infinite" >>$DHCP_HOSTS
+  echo "$mac,set:$tag,$ipv4,$host,infinite" >>$DHCP_HOSTS
 fi
 
 # make dnsmasq re-read files
diff --git a/plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetalDhcpManagerImpl.java b/plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetalDhcpManagerImpl.java
index 9a01ac29e0d..af9e103f77b 100755
--- a/plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetalDhcpManagerImpl.java
+++ b/plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetalDhcpManagerImpl.java
@@ -146,8 +146,8 @@ public class BaremetalDhcpManagerImpl extends ManagerBase implements BaremetalDh
         if (dns == null) {
             dns = nic.getDns2();
         }
-        DhcpEntryCommand dhcpCommand = new DhcpEntryCommand(nic.getMacAddress(), nic.getIp4Address(), profile.getVirtualMachine().getHostName(), dns,
-                nic.getGateway());
+        DhcpEntryCommand dhcpCommand = new DhcpEntryCommand(nic.getMacAddress(), nic.getIp4Address(), profile.getVirtualMachine().getHostName(), null, dns,
+                nic.getGateway(), null);
         String errMsg = String.format("Set dhcp entry on external DHCP %1$s failed(ip=%2$s, mac=%3$s, vmname=%4$s)", h.getPrivateIpAddress(),
                 nic.getIp4Address(), nic.getMacAddress(), profile.getVirtualMachine().getHostName());
         // prepareBareMetalDhcpEntry(nic, dhcpCommand);
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index 85a34eb5887..a1b1336a2c9 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -1651,20 +1651,27 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
         }
 
         // ssh -p 3922 -o StrictHostKeyChecking=no -i $cert root@$domr "/root/edithosts.sh $mac $ip $vm $dfltrt $ns $staticrt" >/dev/null
-        String args = " " + cmd.getVmMac();
-        args += " " + cmd.getVmIpAddress();
-        args += " " + cmd.getVmName();
+        String args = " -m " + cmd.getVmMac();
+        if (cmd.getVmIpAddress() != null) {
+        	args += " -4 " + cmd.getVmIpAddress();
+        }
+        args += " -h " + cmd.getVmName();
 
         if (cmd.getDefaultRouter() != null) {
-            args += " " + cmd.getDefaultRouter();
+            args += " -d " + cmd.getDefaultRouter();
         }
 
         if (cmd.getDefaultDns() != null) {
-            args += " " + cmd.getDefaultDns();
+            args += " -n " + cmd.getDefaultDns();
         }
 
         if (cmd.getStaticRoutes() != null) {
-            args +=  " " + cmd.getStaticRoutes();
+            args += " -s " + cmd.getStaticRoutes();
+        }
+        
+        if (cmd.getVmIp6Address() != null) {
+        	args += " -6 " + cmd.getVmIp6Address();
+        	args += " -u " + cmd.getDuid();
         }
 
         if (s_logger.isDebugEnabled()) {
diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
index 4a74b64e88d..71f2002b83a 100644
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@@ -1759,7 +1759,9 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
     protected synchronized Answer execute(final DhcpEntryCommand cmd) {
         Connection conn = getConnection();
         String args = "-r " + cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
+        if (cmd.getVmIpAddress() != null) {
         args += " -v " + cmd.getVmIpAddress();
+        }
         args += " -m " + cmd.getVmMac();
         args += " -n " + cmd.getVmName();
         if (cmd.getDefaultRouter() != null) {
@@ -1773,6 +1775,11 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
             args += " -N " + cmd.getDefaultDns();
         }
 
+        if (cmd.getVmIp6Address() != null) {
+        	args += " -6 " + cmd.getVmIp6Address();
+        	args += " -u " + cmd.getDuid();
+        }
+        
         String result = callHostPlugin(conn, "vmops", "saveDhcpEntry", "args", args);
         if (result == null || result.isEmpty()) {
             return new Answer(cmd, false, "DhcpEntry failed");
diff --git a/pom.xml b/pom.xml
index 604b39ec1b0..5a1f66eded5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -89,6 +89,7 @@
     <cs.lang.version>2.6</cs.lang.version>
     <cs.commons-io.version>1.4</cs.commons-io.version>
     <cs.reflections.version>0.9.8</cs.reflections.version>
+    <cs.java-ipv6.version>0.8</cs.java-ipv6.version>
   </properties>
 
   <distributionManagement>
diff --git a/scripts/network/domr/dhcp_entry.sh b/scripts/network/domr/dhcp_entry.sh
index c1bf3543dfb..e417f7273a2 100755
--- a/scripts/network/domr/dhcp_entry.sh
+++ b/scripts/network/domr/dhcp_entry.sh
@@ -22,24 +22,12 @@
 # @VERSION@
 
 usage() {
-  printf "Usage: %s: -r <domr-ip> -m <vm mac> -v <vm ip> -n <vm name>\n" $(basename $0) >&2
+  printf "Usage: %s: -r <domr-ip> -m <vm mac> -v <vm ip> -n <vm name> -s <static route> -d <default router> -N <dns> -6 <vm IPv6> -u <duid>\n" $(basename $0) >&2
   exit 2
 }
 
 cert="/root/.ssh/id_rsa.cloud"
 
-add_dhcp_entry() {
-  local domr=$1
-  local mac=$2
-  local ip=$3
-  local vm=$4
-  local dfltrt=$5
-  local ns=$6
-  local staticrt=$7
-  ssh -p 3922 -o StrictHostKeyChecking=no -i $cert root@$domr "/root/edithosts.sh $mac $ip $vm $dfltrt $ns $staticrt" >/dev/null
-  return $?
-}
-
 domrIp=
 vmMac=
 vmIp=
@@ -47,30 +35,46 @@ vmName=
 staticrt=
 dfltrt=
 dns=
+ipv6=
+duid=
 
-while getopts 'r:m:v:n:d:s:N:' OPTION
+opts=
+
+while getopts 'r:m:v:n:d:s:N:6:u:' OPTION
 do
   case $OPTION in
-  r)	domrIp="$OPTARG"
-		;;
-  v)	vmIp="$OPTARG"
-		;;
-  m)	vmMac="$OPTARG"
-		;;
-  n)	vmName="$OPTARG"
-		;;
-  s)	staticrt="$OPTARG"
-		;;
-  d)	dfltrt="$OPTARG"
-		;;
-  N)	dns="$OPTARG"
-		;;
-  ?)    usage
-		exit 1
-		;;
+  r)  domrIp="$OPTARG"
+      ;;
+  v)  vmIp="$OPTARG"
+      opts="$opts -4 $vmIp"
+      ;;
+  m)  vmMac="$OPTARG"
+      opts="$opts -m $vmMac"
+      ;;
+  n)  vmName="$OPTARG"
+      opts="$opts -h $vmName"
+      ;;
+  s)  staticrt="$OPTARG"
+      opts="$opts -s $staticrt"
+      ;;
+  d)  dfltrt="$OPTARG"
+      opts="$opts -d $dfltrt"
+      ;;
+  N)  dns="$OPTARG"
+      opts="$opts -n $dns"
+      ;;
+  6)  ipv6="$OPTARG"
+      opts="$opts -6 $ipv6"
+      ;;
+  u)  duid="$OPTARG"
+      opts="$opts -u $duid"
+      ;;
+  ?)  usage
+      exit 1
+      ;;
   esac
 done
 
-add_dhcp_entry $domrIp $vmMac $vmIp $vmName $dfltrt $dns $staticrt
+ssh -p 3922 -o StrictHostKeyChecking=no -i $cert root@$domrIp "/root/edithosts.sh $opts " >/dev/null
 
 exit $?
diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java
index d4ad82b244c..9aae15421bd 100755
--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@@ -484,9 +484,21 @@ public class ApiResponseHelper implements ResponseGenerator {
 
         // get start ip and end ip of corresponding vlan
         String ipRange = vlan.getIpRange();
+        if (ipRange != null) {
         String[] range = ipRange.split("-");
         vlanResponse.setStartIp(range[0]);
         vlanResponse.setEndIp(range[1]);
+        }
+
+        vlanResponse.setIp6Gateway(vlan.getIp6Gateway());
+        vlanResponse.setIp6Cidr(vlan.getIp6Cidr());
+        
+        String ip6Range = vlan.getIp6Range();
+        if (ip6Range != null) {
+        	String[] range = ip6Range.split("-");
+        	vlanResponse.setStartIpv6(range[0]);
+        	vlanResponse.setEndIpv6(range[1]);
+        }
 
         if (vlan.getNetworkId() != null) {
             Network nw = ApiDBUtils.findNetworkById(vlan.getNetworkId());
@@ -2155,6 +2167,9 @@ public class ApiResponseHelper implements ResponseGenerator {
             response.setNetmask(NetUtils.cidr2Netmask(network.getCidr()));
         }
 
+        response.setIp6Gateway(network.getIp6Gateway());
+        response.setIp6Cidr(network.getIp6Cidr());
+
         //return vlan information only to Root admin
         if (network.getBroadcastUri() != null && UserContext.current().getCaller().getType() == Account.ACCOUNT_TYPE_ADMIN) {
             String broadcastUri = network.getBroadcastUri().toString();
diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index 66e83da9983..51312a60eb1 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -1864,23 +1864,23 @@ public class QueryManagerImpl extends ManagerBase implements QueryService {
         }
 
         if (name != null) {
-            sc.setParameters("name", SearchCriteria.Op.LIKE, "%" + name + "%");
+            sc.setParameters("name", "%" + name + "%");
         }
 
         if (path != null) {
-            sc.setParameters("path", SearchCriteria.Op.EQ, path);
+            sc.setParameters("path", path);
         }
         if (zoneId != null) {
-            sc.setParameters("dataCenterId", SearchCriteria.Op.EQ, zoneId);
+            sc.setParameters("dataCenterId", zoneId);
         }
         if (pod != null) {
-            sc.setParameters("podId", SearchCriteria.Op.EQ, pod);
+            sc.setParameters("podId", pod);
         }
         if (address != null) {
-            sc.setParameters("hostAddress", SearchCriteria.Op.EQ, address);
+            sc.setParameters("hostAddress", address);
         }
         if (cluster != null) {
-            sc.setParameters("clusterId", SearchCriteria.Op.EQ, cluster);
+            sc.setParameters("clusterId", cluster);
         }
 
         // search Pool details by ids
diff --git a/server/src/com/cloud/baremetal/ExternalDhcpManagerImpl.java b/server/src/com/cloud/baremetal/ExternalDhcpManagerImpl.java
index 584c20118c7..c534df17381 100755
--- a/server/src/com/cloud/baremetal/ExternalDhcpManagerImpl.java
+++ b/server/src/com/cloud/baremetal/ExternalDhcpManagerImpl.java
@@ -205,7 +205,7 @@ public class ExternalDhcpManagerImpl extends ManagerBase implements ExternalDhcp
 		if (dns == null) {
 			dns = nic.getDns2();
 		}
-		DhcpEntryCommand dhcpCommand = new DhcpEntryCommand(nic.getMacAddress(), nic.getIp4Address(), profile.getVirtualMachine().getHostName(), dns, nic.getGateway());
+		DhcpEntryCommand dhcpCommand = new DhcpEntryCommand(nic.getMacAddress(), nic.getIp4Address(), profile.getVirtualMachine().getHostName(), null, dns, nic.getGateway(), null);
 		String errMsg = String.format("Set dhcp entry on external DHCP %1$s failed(ip=%2$s, mac=%3$s, vmname=%4$s)",
 				h.getPrivateIpAddress(), nic.getIp4Address(), nic.getMacAddress(), profile.getVirtualMachine().getHostName());
 		//prepareBareMetalDhcpEntry(nic, dhcpCommand);
diff --git a/server/src/com/cloud/configuration/ConfigurationManager.java b/server/src/com/cloud/configuration/ConfigurationManager.java
index 19e74bfd4b4..09e8ac902b9 100644
--- a/server/src/com/cloud/configuration/ConfigurationManager.java
+++ b/server/src/com/cloud/configuration/ConfigurationManager.java
@@ -198,7 +198,7 @@ public interface ConfigurationManager extends ConfigurationService, Manager {
             boolean isDefault, Network.GuestType type, boolean systemOnly, Long serviceOfferingId, boolean conserveMode, Map<Service, Map<Capability, String>> serviceCapabilityMap,
             boolean specifyIpRanges);
 
-    Vlan createVlanAndPublicIpRange(long zoneId, long networkId, long physicalNetworkId, boolean forVirtualNetwork, Long podId, String startIP, String endIP, String vlanGateway, String vlanNetmask, String vlanId, Account vlanOwner) throws InsufficientCapacityException, ConcurrentOperationException, InvalidParameterValueException;
+    Vlan createVlanAndPublicIpRange(long zoneId, long networkId, long physicalNetworkId, boolean forVirtualNetwork, Long podId, String startIP, String endIP, String vlanGateway, String vlanNetmask, String vlanId, Account vlanOwner, String startIPv6, String endIPv6, String vlanIp6Gateway, String vlanIp6Cidr) throws InsufficientCapacityException, ConcurrentOperationException, InvalidParameterValueException;
 
     void createDefaultSystemNetworks(long zoneId) throws ConcurrentOperationException;
 
diff --git a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
index 7925ff88588..5c30e9ad204 100755
--- a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
+++ b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
@@ -2250,7 +2250,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
         txn.start();
 
         Vlan vlan = createVlanAndPublicIpRange(zoneId, networkId, physicalNetworkId, forVirtualNetwork, podId, startIP, 
-                endIP, vlanGateway, vlanNetmask, vlanId, vlanOwner);
+                endIP, vlanGateway, vlanNetmask, vlanId, vlanOwner, null, null, null, null);
 
         if (associateIpRangeToAccount) {
             _networkMgr.associateIpAddressListToAccount(userId, vlanOwner.getId(), zoneId, vlan.getId(), null);
@@ -2276,11 +2276,23 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
     @DB
     public Vlan createVlanAndPublicIpRange(long zoneId, long networkId, long physicalNetworkId, boolean forVirtualNetwork, Long podId, 
             String startIP, String endIP, String vlanGateway, String vlanNetmask,
-            String vlanId, Account vlanOwner) {
-
-
+            String vlanId, Account vlanOwner, String startIPv6, String endIPv6, String vlanIp6Gateway, String vlanIp6Cidr) {
         Network network = _networkModel.getNetwork(networkId);
 
+        boolean ipv4 = false, ipv6 = false;
+
+        if (startIP != null) {
+        	ipv4 = true;
+        }
+        
+        if (startIPv6 != null) {
+        	ipv6 = true;
+        }
+        
+        if (!ipv4 && !ipv6) {
+            throw new InvalidParameterValueException("Please specify IPv4 or IPv6 address.");
+        }
+
         //Validate the zone
         DataCenterVO zone = _zoneDao.findById(zoneId);
         if (zone == null) {
@@ -2345,6 +2357,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
             throw new InvalidParameterValueException("Vlan owner can be defined only in the zone of type " + NetworkType.Advanced);
         }
 
+        if (ipv4) {
         // Make sure the gateway is valid
         if (!NetUtils.isValidIp(vlanGateway)) {
             throw new InvalidParameterValueException("Please specify a valid gateway");
@@ -2354,7 +2367,18 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
         if (!NetUtils.isValidIp(vlanNetmask)) {
             throw new InvalidParameterValueException("Please specify a valid netmask");
         }
+        }
 
+        if (ipv6) {
+        	if (!NetUtils.isValidIpv6(vlanIp6Gateway)) {
+        		throw new InvalidParameterValueException("Please specify a valid IPv6 gateway");
+        	}
+        	if (!NetUtils.isValidIp6Cidr(vlanIp6Cidr)) {
+        		throw new InvalidParameterValueException("Please specify a valid IPv6 CIDR");
+        	}
+        }
+
+        if (ipv4) {
         String newVlanSubnet = NetUtils.getSubNet(vlanGateway, vlanNetmask);
 
         // Check if the new VLAN's subnet conflicts with the guest network in
@@ -2399,6 +2423,10 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
         List<VlanVO> vlans = _vlanDao.listByZone(zone.getId());
         for (VlanVO vlan : vlans) {
             String otherVlanGateway = vlan.getVlanGateway();
+        		// Continue if it's not IPv4 
+        		if (otherVlanGateway == null) {
+        			continue;
+        		}
             String otherVlanSubnet = NetUtils.getSubNet(vlan.getVlanGateway(), vlan.getVlanNetmask());
             String[] otherVlanIpRange = vlan.getIpRange().split("\\-");
             String otherVlanStartIP = otherVlanIpRange[0];
@@ -2430,6 +2458,33 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
                 }
             }
         }
+        }
+        
+        String ipv6Range = null;
+        if (ipv6) {
+        	ipv6Range = startIPv6;
+        	if (endIPv6 != null) {
+        		ipv6Range += "-" + endIPv6;
+        	}
+        	
+        	List<VlanVO> vlans = _vlanDao.listByZone(zone.getId());
+        	for (VlanVO vlan : vlans) {
+        		if (vlan.getIp6Gateway() == null) {
+        			continue;
+        		}
+        		if (vlanId.equals(vlan.getVlanTag())) {
+        			if (NetUtils.isIp6RangeOverlap(ipv6Range, vlan.getIp6Range())) {
+        				throw new InvalidParameterValueException("The IPv6 range with tag: " + vlan.getVlanTag()
+        						+ " already has IPs that overlap with the new range. Please specify a different start IP/end IP.");
+        			}
+
+        			if (!vlanIp6Gateway.equals(vlan.getIp6Gateway())) {
+        				throw new InvalidParameterValueException("The IP range with tag: " + vlan.getVlanTag() + " has already been added with gateway " + vlan.getIp6Gateway()
+        						+ ". Please specify a different tag.");
+        			}
+        		}
+        	}
+        }
 
         // Check if a guest VLAN is using the same tag
         if (_zoneDao.findVnet(zoneId, physicalNetworkId, vlanId).size() > 0) {
@@ -2450,21 +2505,28 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
             }
         }
 
-        String ipRange = startIP;
+        String ipRange = null;
+        
+        if (ipv4) {
+        	ipRange = startIP;
         if (endIP != null) {
             ipRange += "-" + endIP;
         }
+        }
 
         // Everything was fine, so persist the VLAN
         Transaction txn = Transaction.currentTxn();
         txn.start();
 
-        VlanVO vlan = new VlanVO(vlanType, vlanId, vlanGateway, vlanNetmask, zone.getId(), ipRange, networkId, physicalNetworkId);
+        VlanVO vlan = new VlanVO(vlanType, vlanId, vlanGateway, vlanNetmask, zone.getId(), ipRange, networkId, physicalNetworkId, vlanIp6Gateway, vlanIp6Cidr, ipv6Range);
         s_logger.debug("Saving vlan range " + vlan);
         vlan = _vlanDao.persist(vlan);
 
+        // IPv6 use a used ip map, is different from ipv4, no need to save public ip range
+        if (ipv4) {
         if (!savePublicIPRange(startIP, endIP, zoneId, vlan.getId(), networkId, physicalNetworkId)) {
-            throw new CloudRuntimeException("Failed to save IP range. Please contact Cloud Support."); 
+        		throw new CloudRuntimeException("Failed to save IPv4 range. Please contact Cloud Support."); 
+        	}
         }
 
         if (vlanOwner != null) {
diff --git a/server/src/com/cloud/dc/VlanVO.java b/server/src/com/cloud/dc/VlanVO.java
index fcb46c4971e..af6b5fc8089 100644
--- a/server/src/com/cloud/dc/VlanVO.java
+++ b/server/src/com/cloud/dc/VlanVO.java
@@ -48,12 +48,21 @@ public class VlanVO implements Vlan {
 	@Column(name="vlan_netmask")
 	String vlanNetmask;
 
+	@Column(name="ip6_gateway")
+	String ip6Gateway;
+
+	@Column(name="ip6_cidr")
+	String ip6Cidr;
+
 	@Column(name="data_center_id")
 	long dataCenterId;
 
 	@Column(name="description")
 	String ipRange;
 
+	@Column(name="ip6_range")
+	String ip6Range;
+	
     @Column(name="network_id")
     Long networkId;
 
@@ -67,13 +76,16 @@ public class VlanVO implements Vlan {
     @Column(name="uuid")
     String uuid;
 
-	public VlanVO(VlanType vlanType, String vlanTag, String vlanGateway, String vlanNetmask, long dataCenterId, String ipRange, Long networkId, Long physicalNetworkId) {
+	public VlanVO(VlanType vlanType, String vlanTag, String vlanGateway, String vlanNetmask, long dataCenterId, String ipRange, Long networkId, Long physicalNetworkId, String ip6Gateway, String ip6Cidr, String ip6Range) {
 		this.vlanType = vlanType;
 		this.vlanTag = vlanTag;
 		this.vlanGateway = vlanGateway;
 		this.vlanNetmask = vlanNetmask;
+		this.ip6Gateway = ip6Gateway;
+		this.ip6Cidr = ip6Cidr;
 		this.dataCenterId = dataCenterId;
 		this.ipRange = ipRange;
+		this.ip6Range = ip6Range;
 		this.networkId = networkId;
 		this.uuid = UUID.randomUUID().toString();
 		this.physicalNetworkId = physicalNetworkId;
@@ -149,9 +161,36 @@ public class VlanVO implements Vlan {
     public String toString() {
         if (toString == null) {
             toString = new StringBuilder("Vlan[").append(vlanTag).append("|").append(vlanGateway).append("|").append(vlanNetmask).
-                    append("|").append(ipRange).append("|").append(networkId).append("]").toString();
+                    append("|").append(ip6Gateway).append("|").append(ip6Cidr).append("|").append(ipRange).append("|").
+                    append("|").append(ip6Range).append(networkId).append("]").toString();
         }
         return toString;
     }
+    
+    @Override
+	public String getIp6Gateway() {
+		return ip6Gateway;
+	}
 
+	public void setIp6Gateway(String ip6Gateway) {
+		this.ip6Gateway = ip6Gateway;
+	}
+
+    @Override
+	public String getIp6Cidr() {
+		return ip6Cidr;
+	}
+
+	public void setIp6Cidr(String ip6Cidr) {
+		this.ip6Cidr = ip6Cidr;
+	}
+
+	@Override
+	public String getIp6Range() {
+		return ip6Range;
+	}
+
+	public void setIp6Range(String ip6Range) {
+		this.ip6Range = ip6Range;
+	}
 }
diff --git a/server/src/com/cloud/network/Ipv6AddressManager.java b/server/src/com/cloud/network/Ipv6AddressManager.java
new file mode 100644
index 00000000000..2ab7e5a1b7e
--- /dev/null
+++ b/server/src/com/cloud/network/Ipv6AddressManager.java
@@ -0,0 +1,28 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.network;
+
+import com.cloud.exception.InsufficientAddressCapacityException;
+import com.cloud.user.Account;
+import com.cloud.utils.component.Manager;
+
+public interface Ipv6AddressManager extends Manager {
+    public UserIpv6Address assignDirectIp6Address(long dcId, Account owner, Long networkId, String requestedIp6) throws InsufficientAddressCapacityException;
+
+	public void revokeDirectIpv6Address(long networkId, String ip6Address);
+}
diff --git a/server/src/com/cloud/network/Ipv6AddressManagerImpl.java b/server/src/com/cloud/network/Ipv6AddressManagerImpl.java
new file mode 100644
index 00000000000..01227721614
--- /dev/null
+++ b/server/src/com/cloud/network/Ipv6AddressManagerImpl.java
@@ -0,0 +1,109 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.network;
+
+import java.util.Map;
+
+import javax.ejb.Local;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+
+import org.apache.log4j.Logger;
+
+import com.cloud.dc.DataCenterVO;
+import com.cloud.dc.Vlan;
+import com.cloud.dc.dao.DataCenterDao;
+import com.cloud.dc.dao.VlanDao;
+import com.cloud.exception.InsufficientAddressCapacityException;
+import com.cloud.network.dao.UserIpv6AddressDao;
+import com.cloud.user.Account;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.utils.net.NetUtils;
+
+@Local(value = { Ipv6AddressManager.class } )
+public class Ipv6AddressManagerImpl extends ManagerBase implements Ipv6AddressManager {
+    public static final Logger s_logger = Logger.getLogger(Ipv6AddressManagerImpl.class.getName());
+
+    @Inject
+    DataCenterDao _dcDao;
+    @Inject
+    VlanDao _vlanDao;
+    @Inject
+    NetworkModel _networkModel;
+    @Inject
+    UserIpv6AddressDao _ipv6Dao;
+    
+	@Override
+	public UserIpv6Address assignDirectIp6Address(long dcId, Account owner, Long networkId, String requestedIp6)
+			throws InsufficientAddressCapacityException {
+    	Vlan vlan = _networkModel.getVlanForNetwork(networkId);
+    	if (vlan == null) {
+    		s_logger.debug("Cannot find related vlan or too many vlan attached to network " + networkId);
+    		return null;
+    	}
+    	String ip = null;
+    	if (requestedIp6 == null) {
+    		int count = 0;
+    		while (ip == null || count >= 10) {
+    			ip = NetUtils.getIp6FromRange(vlan.getIp6Range());
+    			//Check for duplicate IP
+    			if (_ipv6Dao.findByNetworkIdAndIp(networkId, ip) == null) {
+    				break;
+    			} else {
+    				ip = null;
+    			}
+    			count ++;
+    		}
+    		if (ip == null) {
+    			throw new CloudRuntimeException("Fail to get unique ipv6 address after 10 times trying!");
+    		}
+    	} else {
+    		if (!NetUtils.isIp6InRange(requestedIp6, vlan.getIp6Range())) {
+    			throw new CloudRuntimeException("Requested IPv6 is not in the predefined range!");
+    		}
+    		ip = requestedIp6;
+    		if (_ipv6Dao.findByNetworkIdAndIp(networkId, ip) != null) {
+    			throw new CloudRuntimeException("The requested IP is already taken!");
+    		}
+    	}
+    	DataCenterVO dc = _dcDao.findById(dcId);
+        Long mac = dc.getMacAddress();
+        Long nextMac = mac + 1;
+        dc.setMacAddress(nextMac);
+        _dcDao.update(dc.getId(), dc);
+        
+    	String macAddress = NetUtils.long2Mac(NetUtils.createSequenceBasedMacAddress(mac));
+    	UserIpv6AddressVO ipVO = new UserIpv6AddressVO(ip, dcId, macAddress, vlan.getId());
+    	ipVO.setPhysicalNetworkId(vlan.getPhysicalNetworkId());
+    	ipVO.setSourceNetworkId(vlan.getNetworkId());
+    	ipVO.setState(UserIpv6Address.State.Allocated);
+    	ipVO.setDomainId(owner.getDomainId());
+    	ipVO.setAccountId(owner.getAccountId());
+    	_ipv6Dao.persist(ipVO);
+    	return ipVO;
+	}
+
+	@Override
+	public void revokeDirectIpv6Address(long networkId, String ip6Address) {
+		UserIpv6AddressVO ip = _ipv6Dao.findByNetworkIdAndIp(networkId, ip6Address);
+		if (ip != null) {
+			_ipv6Dao.remove(ip.getId());
+		}
+	}
+}
diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java
index 6618929eda8..2904183911e 100755
--- a/server/src/com/cloud/network/NetworkManager.java
+++ b/server/src/com/cloud/network/NetworkManager.java
@@ -125,7 +125,7 @@ public interface NetworkManager  {
 
     Network createGuestNetwork(long networkOfferingId, String name, String displayText, String gateway, String cidr,
             String vlanId, String networkDomain, Account owner, Long domainId, PhysicalNetwork physicalNetwork,
-            long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId) 
+            long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId, String ip6Gateway, String ip6Cidr) 
                     throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException;
 
     /**
@@ -171,7 +171,7 @@ public interface NetworkManager  {
 
     void allocateDirectIp(NicProfile nic, DataCenter dc,
             VirtualMachineProfile<? extends VirtualMachine> vm,
-            Network network, String requestedIp)
+            Network network, String requestedIpv4, String requestedIpv6)
             throws InsufficientVirtualNetworkCapcityException,
             InsufficientAddressCapacityException;
 
diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java
index 0235bf1c8ce..643f1a48276 100755
--- a/server/src/com/cloud/network/NetworkManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkManagerImpl.java
@@ -120,6 +120,7 @@ import com.cloud.network.dao.PhysicalNetworkServiceProviderDao;
 import com.cloud.network.dao.PhysicalNetworkTrafficTypeDao;
 import com.cloud.network.dao.PhysicalNetworkTrafficTypeVO;
 import com.cloud.network.dao.PhysicalNetworkVO;
+import com.cloud.network.dao.UserIpv6AddressDao;
 import com.cloud.network.element.DhcpServiceProvider;
 import com.cloud.network.element.IpDeployer;
 import com.cloud.network.element.LoadBalancingServiceProvider;
@@ -282,6 +283,10 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
     NetworkACLManager _networkACLMgr;
     @Inject
     NetworkModel _networkModel;
+    @Inject
+    UserIpv6AddressDao _ipv6Dao;
+    @Inject
+    Ipv6AddressManager _ipv6Mgr;
 
     ScheduledExecutorService _executor;
 
@@ -1313,10 +1318,8 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
 
         vo.setDefaultNic(profile.isDefaultNic());
 
-        if (profile.getIp4Address() != null) {
             vo.setIp4Address(profile.getIp4Address());
-            vo.setAddressFormat(AddressFormat.Ip4);
-        }
+        vo.setAddressFormat(profile.getFormat());
 
         if (profile.getMacAddress() != null) {
             vo.setMacAddress(profile.getMacAddress());
@@ -1335,6 +1338,11 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
         }
 
         vo.setState(Nic.State.Allocated);
+        
+        vo.setIp6Address(profile.getIp6Address());
+        vo.setIp6Gateway(profile.getIp6Gateway());
+        vo.setIp6Cidr(profile.getIp6Cidr());
+        
         return deviceId;
     }
 
@@ -1793,7 +1801,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
     @DB
     public Network createGuestNetwork(long networkOfferingId, String name, String displayText, String gateway, 
             String cidr, String vlanId, String networkDomain, Account owner, Long domainId,
-            PhysicalNetwork pNtwk, long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId) 
+            PhysicalNetwork pNtwk, long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId, String ip6Gateway, String ip6Cidr)
                     throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException {
 
         NetworkOfferingVO ntwkOff = _networkOfferingDao.findById(networkOfferingId);
@@ -1826,9 +1834,18 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
             throw ex;
         }
 
+        boolean ipv6 = false;
+        
+        if (ip6Gateway != null && ip6Cidr != null) {
+        	ipv6 = true;
+        }
         // Validate zone
         DataCenterVO zone = _dcDao.findById(zoneId);
         if (zone.getNetworkType() == NetworkType.Basic) {
+        	if (ipv6) {
+                throw new InvalidParameterValueException("IPv6 is not supported in Basic zone");
+        	}
+        	
             // In Basic zone the network should have aclType=Domain, domainId=1, subdomainAccess=true
             if (aclType == null || aclType != ACLType.Domain) {
                 throw new InvalidParameterValueException("Only AclType=Domain can be specified for network creation in Basic zone");
@@ -1871,6 +1888,9 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
 
         } else if (zone.getNetworkType() == NetworkType.Advanced) {
             if (zone.isSecurityGroupEnabled()) {
+            	if (ipv6) {
+            		throw new InvalidParameterValueException("IPv6 is not supported with security group!");
+            	}
                 // Only Account specific Isolated network with sourceNat service disabled are allowed in security group
                 // enabled zone
                 boolean allowCreation = (ntwkOff.getGuestType() == GuestType.Isolated 
@@ -1956,7 +1976,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
         boolean cidrRequired = zone.getNetworkType() == NetworkType.Advanced && ntwkOff.getTrafficType() == TrafficType.Guest
                 && (ntwkOff.getGuestType() == GuestType.Shared || (ntwkOff.getGuestType() == GuestType.Isolated 
                 && !_networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat)));
-        if (cidr == null && cidrRequired) {
+        if (cidr == null && ip6Cidr == null  && cidrRequired) {
             throw new InvalidParameterValueException("StartIp/endIp/gateway/netmask are required when create network of" +
                     " type " + Network.GuestType.Shared + " and network of type " + GuestType.Isolated + " with service "
                     + Service.SourceNat.getName() + " disabled");
@@ -1967,7 +1987,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
             throw new InvalidParameterValueException("StartIp/endIp/gateway/netmask can't be specified for zone of type " + NetworkType.Basic);
         }
 
-        // Check if cidr is RFC1918 compliant if the network is Guest Isolated
+        // Check if cidr is RFC1918 compliant if the network is Guest Isolated for IPv4
         if (cidr != null && ntwkOff.getGuestType() == Network.GuestType.Isolated && ntwkOff.getTrafficType() == TrafficType.Guest) {
             if (!NetUtils.validateGuestCidr(cidr)) {
                 throw new InvalidParameterValueException("Virtual Guest Cidr " + cidr + " is not RFC1918 compliant");
@@ -1999,6 +2019,20 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
             }
         }
 
+        if (ip6Cidr != null && ip6Gateway != null) {
+            userNetwork.setIp6Cidr(ip6Cidr);
+            userNetwork.setIp6Gateway(ip6Gateway);
+            if (vlanId != null) {
+                userNetwork.setBroadcastUri(URI.create("vlan://" + vlanId));
+                userNetwork.setBroadcastDomainType(BroadcastDomainType.Vlan);
+                if (!vlanId.equalsIgnoreCase(Vlan.UNTAGGED)) {
+                    userNetwork.setBroadcastDomainType(BroadcastDomainType.Vlan);
+                } else {
+                    userNetwork.setBroadcastDomainType(BroadcastDomainType.Native);
+                }
+            }
+        }
+        
         List<NetworkVO> networks = setupNetwork(owner, ntwkOff, userNetwork, plan, name, displayText, true, domainId,
                 aclType, subdomainAccess, vpcId);
 
@@ -2571,7 +2605,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
                 guestNetwork = createGuestNetwork(requiredOfferings.get(0).getId(), owner.getAccountName() + "-network"
                         , owner.getAccountName() + "-network", null, null, null, null, owner, null, physicalNetwork, 
                         zoneId, ACLType.Account,
-                        null, null);
+                        null, null, null, null);
                 if (guestNetwork == null) {
                     s_logger.warn("Failed to create default Virtual network for the account " + accountId + "in zone " + zoneId);
                     throw new CloudRuntimeException("Failed to create a Guest Isolated Networks with SourceNAT " +
@@ -3347,11 +3381,14 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
         return success;
     }
 
-    @Override
-    public void allocateDirectIp(NicProfile nic, DataCenter dc, VirtualMachineProfile<? extends VirtualMachine> vm, Network network, String requestedIp) throws InsufficientVirtualNetworkCapcityException,
+    public void allocateDirectIp(NicProfile nic, DataCenter dc, VirtualMachineProfile<? extends VirtualMachine> vm, Network network,
+    							 String requestedIpv4, String requestedIpv6) throws InsufficientVirtualNetworkCapcityException,
     InsufficientAddressCapacityException {
+    	boolean ipv4 = false, ipv6 = false;
+    	if (network.getGateway() != null) {
         if (nic.getIp4Address() == null) {
-            PublicIp ip = assignPublicIpAddress(dc.getId(), null, vm.getOwner(), VlanType.DirectAttached, network.getId(), requestedIp, false);
+    			ipv4 = true;
+    			PublicIp ip = assignPublicIpAddress(dc.getId(), null, vm.getOwner(), VlanType.DirectAttached, network.getId(), requestedIpv4, false);
             nic.setIp4Address(ip.getAddress().toString());
             nic.setGateway(ip.getGateway());
             nic.setNetmask(ip.getNetmask());
@@ -3362,12 +3399,37 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
             nic.setReservationId(String.valueOf(ip.getVlanTag()));
             nic.setMacAddress(ip.getMacAddress());
         }
+    	}
+    	
+    	if (network.getIp6Gateway() != null) {
+    		if (nic.getIp6Address() == null) {
+    			ipv6 = true;
+    			UserIpv6Address ip = _ipv6Mgr.assignDirectIp6Address(dc.getId(), vm.getOwner(), network.getId(), requestedIpv6);
+    			Vlan vlan = _networkModel.getVlanForNetwork(network.getId());
+    			if (vlan == null) {
+    				s_logger.debug("Cannot find related vlan or too many vlan attached to network " + network.getId());
+    				return;
+    			}
+    			nic.setIp6Address(ip.getAddress().toString());
+    			nic.setIp6Gateway(vlan.getIp6Gateway());
+    			nic.setIp6Cidr(vlan.getIp6Cidr());
+    			if (ipv4) {
+    				nic.setFormat(AddressFormat.DualStack);
+    			} else {
+    				nic.setIsolationUri(IsolationType.Vlan.toUri(vlan.getVlanTag()));
+    				nic.setBroadcastType(BroadcastDomainType.Vlan);
+    				nic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(vlan.getVlanTag()));
+    				nic.setFormat(AddressFormat.Ip6);
+    				nic.setReservationId(String.valueOf(vlan.getVlanTag()));
+    				nic.setMacAddress(ip.getMacAddress());
+    			}
+    		}
+    	}
 
         nic.setDns1(dc.getDns1());
         nic.setDns2(dc.getDns2());
     }
 
-
     @Override
     public boolean setupDns(Network network, Provider provider) {
         boolean dnsProvided = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.Dns, provider );
diff --git a/server/src/com/cloud/network/NetworkModelImpl.java b/server/src/com/cloud/network/NetworkModelImpl.java
index 7aba59ffdb0..ff97911493e 100644
--- a/server/src/com/cloud/network/NetworkModelImpl.java
+++ b/server/src/com/cloud/network/NetworkModelImpl.java
@@ -38,6 +38,7 @@ import com.cloud.configuration.Config;
 import com.cloud.configuration.ConfigurationManager;
 import com.cloud.configuration.dao.ConfigurationDao;
 import com.cloud.dc.PodVlanMapVO;
+import com.cloud.dc.Vlan;
 import com.cloud.dc.Vlan.VlanType;
 import com.cloud.dc.VlanVO;
 import com.cloud.dc.dao.DataCenterDao;
@@ -72,6 +73,7 @@ import com.cloud.network.dao.PhysicalNetworkServiceProviderVO;
 import com.cloud.network.dao.PhysicalNetworkTrafficTypeDao;
 import com.cloud.network.dao.PhysicalNetworkTrafficTypeVO;
 import com.cloud.network.dao.PhysicalNetworkVO;
+import com.cloud.network.dao.UserIpv6AddressDao;
 import com.cloud.network.element.NetworkElement;
 import com.cloud.network.element.UserDataServiceProvider;
 import com.cloud.network.rules.FirewallRule.Purpose;
@@ -163,7 +165,8 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel {
     NetworkServiceMapDao _ntwkSrvcDao;
     @Inject
     PrivateIpDao _privateIpDao;
-    
+    @Inject
+    UserIpv6AddressDao _ipv6Dao;
 
 
     private final HashMap<String, NetworkOfferingVO> _systemNetworks = new HashMap<String, NetworkOfferingVO>(5);
@@ -516,7 +519,15 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel {
         }
         boolean hasFreeIps = true;
         if (network.getGuestType() == GuestType.Shared) {
+        	if (network.getGateway() != null) {
             hasFreeIps = _ipAddressDao.countFreeIPsInNetwork(network.getId()) > 0;
+        	}
+        	if (!hasFreeIps) {
+        		return false;
+        	}
+        	if (network.getIp6Gateway() != null) {
+        		hasFreeIps = isIP6AddressAvailable(network);
+        	}
         } else {
             hasFreeIps = (getAvailableIps(network, null)).size() > 0;
         }
@@ -524,7 +535,25 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel {
         return hasFreeIps;
     }
 
+    @Override
+    public Vlan getVlanForNetwork(long networkId) {
+    	List<VlanVO> vlans = _vlanDao.listVlansByNetworkId(networkId);
+    	if (vlans == null || vlans.size() > 1) {
+    		s_logger.debug("Cannot find related vlan or too many vlan attached to network " + networkId);
+    		return null;
+    	}
+    	return vlans.get(0);
+    }
    
+    private boolean isIP6AddressAvailable(Network network) {
+    	if (network.getIp6Gateway() == null) {
+    		return false;
+    	}
+    	Vlan vlan = getVlanForNetwork(network.getId());
+    	long existedCount = _ipv6Dao.countExistedIpsInNetwork(network.getId());
+    	long rangeCount = NetUtils.countIp6InRange(vlan.getIp6Range());
+		return (existedCount < rangeCount);
+	}
 
     @Override
     public Map<Service, Map<Capability, String>> getNetworkCapabilities(long networkId) {
diff --git a/server/src/com/cloud/network/NetworkServiceImpl.java b/server/src/com/cloud/network/NetworkServiceImpl.java
index 9020281344e..f0282abee1d 100755
--- a/server/src/com/cloud/network/NetworkServiceImpl.java
+++ b/server/src/com/cloud/network/NetworkServiceImpl.java
@@ -611,6 +611,10 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
         boolean isDomainSpecific = false;
         Boolean subdomainAccess = cmd.getSubdomainAccess();
         Long vpcId = cmd.getVpcId();
+        String startIPv6 = cmd.getStartIpv6();
+        String endIPv6 = cmd.getEndIpv6();
+        String ip6Gateway = cmd.getIp6Gateway();
+        String ip6Cidr = cmd.getIp6Cidr();
 
         // Validate network offering
         NetworkOfferingVO ntwkOff = _networkOfferingDao.findById(networkOfferingId);
@@ -727,7 +731,16 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
 
         UserContext.current().setAccountId(owner.getAccountId());
 
-        // VALIDATE IP INFO
+        boolean ipv4 = false, ipv6 = false;
+        if (startIP != null) {
+        	ipv4 = true;
+        }
+        if (startIPv6 != null) {
+        	ipv6 = true;
+        }
+        
+        String cidr = null;
+        if (ipv4) {
         // if end ip is not specified, default it to startIp
         if (startIP != null) {
             if (!NetUtils.isValidIp(startIP)) {
@@ -746,7 +759,6 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
             }
         }
 
-        String cidr = null;
         if (gateway != null && netmask != null) {
             if (!NetUtils.isValidIp(gateway)) {
                 throw new InvalidParameterValueException("Invalid gateway");
@@ -758,6 +770,51 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
             cidr = NetUtils.ipAndNetMaskToCidr(gateway, netmask);
         }
 
+        }
+        
+        if (ipv6) {
+        	if (!NetUtils.isValidIpv6(startIPv6)) {
+        		throw new InvalidParameterValueException("Invalid format for the startIPv6 parameter");
+        	}
+        	if (endIPv6 == null) {
+        		endIPv6 = startIPv6;
+        	} else if (!NetUtils.isValidIpv6(endIPv6)) {
+        		throw new InvalidParameterValueException("Invalid format for the endIPv6 parameter");
+        	}
+        	
+        	if (!(ip6Gateway != null && ip6Cidr != null)) {
+        		throw new InvalidParameterValueException("ip6Gateway and ip6Cidr should be defined when startIPv6/endIPv6 are passed in");
+        	}
+        	
+        	if (!NetUtils.isValidIpv6(ip6Gateway)) {
+        		throw new InvalidParameterValueException("Invalid ip6Gateway");
+        	}
+        	if (!NetUtils.isValidIp6Cidr(ip6Cidr)) {
+        		throw new InvalidParameterValueException("Invalid ip6cidr");
+        	}
+        	if (!NetUtils.isIp6InRange(startIPv6, ip6Cidr)) {
+        		throw new InvalidParameterValueException("startIPv6 is not in ip6cidr indicated network range!");
+        	}
+        	if (!NetUtils.isIp6InRange(endIPv6, ip6Cidr)) {
+        		throw new InvalidParameterValueException("endIPv6 is not in ip6cidr indicated network range!");
+        	}
+        	if (!NetUtils.isIp6InRange(ip6Gateway, ip6Cidr)) {
+        		throw new InvalidParameterValueException("ip6Gateway is not in ip6cidr indicated network range!");
+        	}
+        	
+        	int cidrSize = NetUtils.getIp6CidrSize(ip6Cidr);
+        	// Ipv6 cidr limit should be at least /64
+        	if (cidrSize < 64) {
+        		throw new InvalidParameterValueException("The cidr size of IPv6 network must be no less than 64 bits!");
+        	}
+        }
+
+        if (ipv6) {
+        	if (zone.getNetworkType() != NetworkType.Advanced || ntwkOff.getGuestType() != Network.GuestType.Shared) {
+        		throw new InvalidParameterValueException("Can only support create IPv6 network with advance shared network!");
+        	}
+        }
+        
         // Regular user can create Guest Isolated Source Nat enabled network only
         if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL
                 && (ntwkOff.getTrafficType() != TrafficType.Guest || ntwkOff.getGuestType() != Network.GuestType.Isolated
@@ -772,6 +829,7 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
             throw new InvalidParameterValueException("Regular user is not allowed to specify vlanId");
         }
 
+        if (ipv4) {
         // For non-root admins check cidr limit - if it's allowed by global config value
         if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN && cidr != null) {
 
@@ -782,8 +840,13 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
                 throw new InvalidParameterValueException("Cidr size can't be less than " + _cidrLimit);
             }
         }
+        }
 
         Collection<String> ntwkProviders = _networkMgr.finalizeServicesAndProvidersForNetwork(ntwkOff, physicalNetworkId).values();
+        if (ipv6 && providersConfiguredForExternalNetworking(ntwkProviders)) {
+        	throw new InvalidParameterValueException("Cannot support IPv6 on network offering with external devices!");
+        }
+        
         if (cidr != null && providersConfiguredForExternalNetworking(ntwkProviders)) {
             if (ntwkOff.getGuestType() == GuestType.Shared && (zone.getNetworkType() == NetworkType.Advanced) &&
                     isSharedNetworkOfferingWithServices(networkOfferingId)) {
@@ -794,7 +857,6 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
             }
         }
 
-
         // Vlan is created in 2 cases - works in Advance zone only:
         // 1) GuestType is Shared
         // 2) GuestType is Isolated, but SourceNat service is disabled
@@ -803,6 +865,13 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
                         || (ntwkOff.getGuestType() == GuestType.Isolated && 
                         !areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat))));
 
+        if (!createVlan) {
+        	// Only support advance shared network in IPv6, which means createVlan is a must
+        	if (ipv6) {
+        		createVlan = true;
+        	}
+        }
+
         // Can add vlan range only to the network which allows it
         if (createVlan && !ntwkOff.getSpecifyIpRanges()) {
             InvalidParameterValueException ex = new InvalidParameterValueException("Network offering with specified id doesn't support adding multiple ip ranges");
@@ -847,13 +916,13 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
                 throw new InvalidParameterValueException("Network offering can be used for VPC networks only");
             }
             network = _networkMgr.createGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, 
-                    networkDomain, owner, sharedDomainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId);
+            		networkDomain, owner, sharedDomainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId, ip6Gateway, ip6Cidr);
         }  
 
         if (caller.getType() == Account.ACCOUNT_TYPE_ADMIN && createVlan) {
             // Create vlan ip range
             _configMgr.createVlanAndPublicIpRange(pNtwk.getDataCenterId(), network.getId(), physicalNetworkId,
-                    false, null, startIP, endIP, gateway, netmask, vlanId, null);
+                    false, null, startIP, endIP, gateway, netmask, vlanId, null, startIPv6, endIPv6, ip6Gateway, ip6Cidr);
         }
 
         txn.commit();
@@ -2809,7 +2878,7 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {
         if (privateNetwork == null) {
             //create Guest network
             privateNetwork = _networkMgr.createGuestNetwork(ntwkOff.getId(), networkName, displayText, gateway, cidr, vlan, 
-                    null, owner, null, pNtwk, pNtwk.getDataCenterId(), ACLType.Account, null, null);
+                    null, owner, null, pNtwk, pNtwk.getDataCenterId(), ACLType.Account, null, null, null, null);
             s_logger.debug("Created private network " + privateNetwork);
         } else {
             s_logger.debug("Private network already exists: " + privateNetwork);
diff --git a/server/src/com/cloud/network/UserIpv6Address.java b/server/src/com/cloud/network/UserIpv6Address.java
new file mode 100644
index 00000000000..4c33d456d2a
--- /dev/null
+++ b/server/src/com/cloud/network/UserIpv6Address.java
@@ -0,0 +1,52 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network;
+
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.api.InternalIdentity;
+
+/**
+ * @author Sheng Yang
+ *
+ */
+public interface UserIpv6Address extends ControlledEntity, Identity, InternalIdentity {
+    enum State {
+        Allocating, // The IP Address is being propagated to other network elements and is not ready for use yet.
+        Allocated, // The IP address is in used.
+        Releasing, // The IP address is being released for other network elements and is not ready for allocation.
+        Free // The IP address is ready to be allocated.
+    }
+
+    long getDataCenterId();
+
+    String getAddress();
+
+    long getVlanId();
+
+    State getState();
+
+    Long getNetworkId();
+    
+    Long getSourceNetworkId();
+
+    Long getPhysicalNetworkId();
+
+    void setState(UserIpv6Address.State state);
+    
+    String getMacAddress();
+}
diff --git a/server/src/com/cloud/network/UserIpv6AddressVO.java b/server/src/com/cloud/network/UserIpv6AddressVO.java
new file mode 100644
index 00000000000..70eb12d32b0
--- /dev/null
+++ b/server/src/com/cloud/network/UserIpv6AddressVO.java
@@ -0,0 +1,188 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network;
+
+import java.util.Date;
+import java.util.UUID;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+import javax.persistence.Transient;
+
+import com.cloud.utils.db.GenericDao;
+
+@Entity
+@Table(name=("user_ipv6_address"))
+public class UserIpv6AddressVO implements UserIpv6Address {
+    @Id
+    @GeneratedValue(strategy=GenerationType.IDENTITY)
+    @Column(name="id")
+    long id;
+
+	@Column(name="ip_address")
+	@Enumerated(value=EnumType.STRING)
+	private String address = null;
+
+	@Column(name="data_center_id", updatable=false)
+	private long dataCenterId;
+
+	@Column(name="vlan_id")
+	private long vlanId;
+
+	@Column(name="state")
+	private State state;
+
+	@Column(name="mac_address")
+	private String macAddress;
+
+	@Column(name="source_network_id")
+    private Long sourceNetworkId;
+
+	@Column(name="network_id")
+	private Long networkId;
+
+	@Column(name="uuid")
+	private String uuid;
+
+    @Column(name="physical_network_id")
+    private Long physicalNetworkId;
+
+	@Column(name="account_id")
+	private Long accountId = null;
+
+    @Column(name="domain_id")
+    private Long domainId = null;
+	
+    @Column(name = GenericDao.CREATED_COLUMN)
+    Date created;
+	
+	protected UserIpv6AddressVO() {
+		this.uuid = UUID.randomUUID().toString();
+	}
+
+	public UserIpv6AddressVO(String address, long dataCenterId, String macAddress, long vlanDbId) {
+		this.address = address;
+		this.dataCenterId = dataCenterId;
+		this.vlanId = vlanDbId;
+		this.state = State.Free;
+		this.setMacAddress(macAddress);
+		this.uuid = UUID.randomUUID().toString();
+	}
+
+
+	@Override
+	public long getAccountId() {
+		return accountId;
+	}
+
+	@Override
+	public long getDomainId() {
+		return domainId;
+	}
+
+	@Override
+	public String getUuid() {
+		return uuid;
+	}
+
+	@Override
+	public long getId() {
+		return id;
+	}
+
+	@Override
+	public long getDataCenterId() {
+		return dataCenterId;
+	}
+
+	@Override
+	public String getAddress() {
+		return address;
+	}
+
+	@Override
+	public long getVlanId() {
+		return vlanId;
+	}
+
+	@Override
+	public State getState() {
+		return state;
+	}
+
+	@Override
+	public Long getNetworkId() {
+		return networkId;
+	}
+
+	@Override
+	public Long getSourceNetworkId() {
+		return sourceNetworkId;
+	}
+
+	@Override
+	public Long getPhysicalNetworkId() {
+		return physicalNetworkId;
+	}
+
+	@Override
+	public void setState(State state) {
+		this.state = state;
+	}
+
+	public String getMacAddress() {
+		return macAddress;
+	}
+
+	public void setMacAddress(String macAddress) {
+		this.macAddress = macAddress;
+	}
+
+	public void setSourceNetworkId(Long sourceNetworkId) {
+		this.sourceNetworkId = sourceNetworkId;
+	}
+
+	public void setNetworkId(Long networkId) {
+		this.networkId = networkId;
+	}
+
+	public void setPhysicalNetworkId(Long physicalNetworkId) {
+		this.physicalNetworkId = physicalNetworkId;
+	}
+
+	public void setDomainId(Long domainId) {
+		this.domainId = domainId;
+	}
+
+	public void setAccountId(Long accountId) {
+		this.accountId = accountId;
+	}
+
+	public Date getCreated() {
+		return created;
+	}
+
+	public void setCreated(Date created) {
+		this.created = created;
+	}
+}
diff --git a/server/src/com/cloud/network/addr/PublicIp.java b/server/src/com/cloud/network/addr/PublicIp.java
index b5a19aa2a76..7336c9c4a43 100644
--- a/server/src/com/cloud/network/addr/PublicIp.java
+++ b/server/src/com/cloud/network/addr/PublicIp.java
@@ -206,4 +206,19 @@ public class PublicIp implements PublicIpAddress {
     public void setVpcId(Long vpcId) {
         _addr.setVpcId(vpcId);
     }
+
+	@Override
+	public String getIp6Gateway() {
+		return _vlan.getIp6Gateway();
+	}
+
+	@Override
+	public String getIp6Cidr() {
+		return _vlan.getIp6Cidr();
+	}
+
+	@Override
+	public String getIp6Range() {
+		return _vlan.getIp6Range();
+	}
 }
diff --git a/server/src/com/cloud/network/dao/NetworkVO.java b/server/src/com/cloud/network/dao/NetworkVO.java
index b89cb6584c8..5ecb22f24e3 100644
--- a/server/src/com/cloud/network/dao/NetworkVO.java
+++ b/server/src/com/cloud/network/dao/NetworkVO.java
@@ -154,6 +154,12 @@ public class NetworkVO implements Network {
     @Column(name="specify_ip_ranges")
     boolean specifyIpRanges = false;
 
+    @Column(name="ip6_gateway")
+    String ip6Gateway;
+
+    @Column(name="ip6_cidr")
+    String ip6Cidr;
+
     public NetworkVO() {
     	this.uuid = UUID.randomUUID().toString();
     }
@@ -200,6 +206,8 @@ public class NetworkVO implements Network {
             state = State.Allocated;
         }
     	this.uuid = UUID.randomUUID().toString();
+    	this.ip6Gateway = that.getIp6Gateway();
+    	this.ip6Cidr = that.getIp6Cidr();
     }
 
     /**
@@ -496,4 +504,20 @@ public class NetworkVO implements Network {
     public Long getVpcId() {
         return vpcId;
     }
+
+	public String getIp6Cidr() {
+		return ip6Cidr;
+	}
+
+	public void setIp6Cidr(String ip6Cidr) {
+		this.ip6Cidr = ip6Cidr;
+	}
+
+	public String getIp6Gateway() {
+		return ip6Gateway;
+	}
+
+	public void setIp6Gateway(String ip6Gateway) {
+		this.ip6Gateway = ip6Gateway;
+	}
 }
diff --git a/server/src/com/cloud/network/dao/UserIpv6AddressDao.java b/server/src/com/cloud/network/dao/UserIpv6AddressDao.java
new file mode 100644
index 00000000000..0e245efcde1
--- /dev/null
+++ b/server/src/com/cloud/network/dao/UserIpv6AddressDao.java
@@ -0,0 +1,23 @@
+package com.cloud.network.dao;
+
+import java.util.List;
+
+import com.cloud.network.Network;
+import com.cloud.network.UserIpv6AddressVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface UserIpv6AddressDao extends GenericDao<UserIpv6AddressVO, Long> {
+	List<UserIpv6AddressVO> listByAccount(long accountId);
+	
+	List<UserIpv6AddressVO> listByVlanId(long vlanId);
+	
+	List<UserIpv6AddressVO> listByDcId(long dcId); 
+	
+	List<UserIpv6AddressVO> listByNetwork(long networkId);
+	
+	public UserIpv6AddressVO findByNetworkIdAndIp(long networkId, String ipAddress);
+
+	List<UserIpv6AddressVO> listByPhysicalNetworkId(long physicalNetworkId);
+
+	long countExistedIpsInNetwork(long networkId);
+}
diff --git a/server/src/com/cloud/network/dao/UserIpv6AddressDaoImpl.java b/server/src/com/cloud/network/dao/UserIpv6AddressDaoImpl.java
new file mode 100644
index 00000000000..14935c3f762
--- /dev/null
+++ b/server/src/com/cloud/network/dao/UserIpv6AddressDaoImpl.java
@@ -0,0 +1,98 @@
+package com.cloud.network.dao;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.ejb.Local;
+import javax.naming.ConfigurationException;
+
+import org.apache.log4j.Logger;
+import org.springframework.stereotype.Component;
+
+import com.cloud.network.Network;
+import com.cloud.network.UserIpv6AddressVO;
+import com.cloud.utils.Pair;
+import com.cloud.utils.db.Filter;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.GenericSearchBuilder;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+import com.cloud.utils.db.SearchCriteria.Func;
+import com.cloud.utils.db.SearchCriteria.Op;
+import com.cloud.utils.db.SearchCriteria2;
+
+@Component
+@Local(value=UserIpv6AddressDao.class)
+public class UserIpv6AddressDaoImpl extends GenericDaoBase<UserIpv6AddressVO, Long> implements UserIpv6AddressDao {
+    private static final Logger s_logger = Logger.getLogger(IPAddressDaoImpl.class);
+
+    protected final SearchBuilder<UserIpv6AddressVO> AllFieldsSearch;
+    protected GenericSearchBuilder<UserIpv6AddressVO, Long> CountFreePublicIps;
+    
+    public UserIpv6AddressDaoImpl() {
+        AllFieldsSearch = createSearchBuilder();
+        AllFieldsSearch.and("id", AllFieldsSearch.entity().getId(), Op.EQ);
+        AllFieldsSearch.and("dataCenterId", AllFieldsSearch.entity().getDataCenterId(), Op.EQ);
+        AllFieldsSearch.and("ipAddress", AllFieldsSearch.entity().getAddress(), Op.EQ);
+        AllFieldsSearch.and("vlan", AllFieldsSearch.entity().getVlanId(), Op.EQ);
+        AllFieldsSearch.and("accountId", AllFieldsSearch.entity().getAccountId(), Op.EQ);
+        AllFieldsSearch.and("network", AllFieldsSearch.entity().getNetworkId(), Op.EQ);
+        AllFieldsSearch.and("physicalNetworkId", AllFieldsSearch.entity().getPhysicalNetworkId(), Op.EQ);
+        AllFieldsSearch.done();
+        
+        CountFreePublicIps = createSearchBuilder(Long.class);
+        CountFreePublicIps.select(null, Func.COUNT, null);
+        CountFreePublicIps.and("networkId", CountFreePublicIps.entity().getSourceNetworkId(), SearchCriteria.Op.EQ);
+        CountFreePublicIps.done();
+    }
+
+	@Override
+	public List<UserIpv6AddressVO> listByAccount(long accountId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("accountId", accountId);
+        return listBy(sc);
+	}
+
+	@Override
+	public List<UserIpv6AddressVO> listByVlanId(long vlanId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("vlan", vlanId);
+        return listBy(sc);
+	}
+
+	@Override
+	public List<UserIpv6AddressVO> listByDcId(long dcId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("dataCenterId", dcId);
+        return listBy(sc);
+	}
+
+	@Override
+	public List<UserIpv6AddressVO> listByNetwork(long networkId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("network", networkId);
+        return listBy(sc);
+	}
+
+	@Override
+	public UserIpv6AddressVO findByNetworkIdAndIp(long networkId, String ipAddress) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("networkId", networkId);
+        sc.setParameters("ipAddress", ipAddress);
+        return findOneBy(sc);
+	}
+
+	@Override
+	public List<UserIpv6AddressVO> listByPhysicalNetworkId(long physicalNetworkId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("physicalNetworkId", physicalNetworkId);
+        return listBy(sc);
+	}
+
+	@Override
+	public long countExistedIpsInNetwork(long networkId) {
+        SearchCriteria<Long> sc = CountFreePublicIps.create();
+        sc.setParameters("networkId", networkId);
+        return customSearch(sc, null).get(0);       
+	}
+}
diff --git a/server/src/com/cloud/network/element/VirtualRouterElement.java b/server/src/com/cloud/network/element/VirtualRouterElement.java
index e0652554bf3..500d0b68ece 100755
--- a/server/src/com/cloud/network/element/VirtualRouterElement.java
+++ b/server/src/com/cloud/network/element/VirtualRouterElement.java
@@ -842,6 +842,11 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
                 return false;
             }
 
+            if (network.getIp6Gateway() != null) {
+            	s_logger.info("Skip password and userdata service setup for IPv6 VM");
+            	return true;
+            }
+
             @SuppressWarnings("unchecked")
             VirtualMachineProfile<UserVm> uservm = (VirtualMachineProfile<UserVm>) vm;
 
diff --git a/server/src/com/cloud/network/guru/DirectNetworkGuru.java b/server/src/com/cloud/network/guru/DirectNetworkGuru.java
index 4be7491cc45..7ea988feb48 100755
--- a/server/src/com/cloud/network/guru/DirectNetworkGuru.java
+++ b/server/src/com/cloud/network/guru/DirectNetworkGuru.java
@@ -31,6 +31,7 @@ import com.cloud.exception.ConcurrentOperationException;
 import com.cloud.exception.InsufficientAddressCapacityException;
 import com.cloud.exception.InsufficientVirtualNetworkCapcityException;
 import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.network.Ipv6AddressManager;
 import com.cloud.network.Network;
 import com.cloud.network.Network.GuestType;
 import com.cloud.network.Network.Service;
@@ -41,9 +42,11 @@ import com.cloud.network.NetworkProfile;
 import com.cloud.network.Networks.BroadcastDomainType;
 import com.cloud.network.Networks.Mode;
 import com.cloud.network.Networks.TrafficType;
+import com.cloud.network.UserIpv6AddressVO;
 import com.cloud.network.dao.IPAddressDao;
 import com.cloud.network.dao.IPAddressVO;
 import com.cloud.network.dao.NetworkVO;
+import com.cloud.network.dao.UserIpv6AddressDao;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offerings.dao.NetworkOfferingDao;
 import com.cloud.user.Account;
@@ -72,6 +75,10 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
     IPAddressDao _ipAddressDao;
     @Inject
     NetworkOfferingDao _networkOfferingDao;
+    @Inject
+    UserIpv6AddressDao _ipv6Dao;
+    @Inject
+    Ipv6AddressManager _ipv6Mgr;
     
     private static final TrafficType[] _trafficTypes = {TrafficType.Guest};
     
@@ -120,11 +127,20 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
                 throw new InvalidParameterValueException("cidr and gateway must be specified together.");
             }
 
+            if ((userSpecified.getIp6Cidr() == null && userSpecified.getIp6Gateway() != null) || (userSpecified.getIp6Cidr() != null && userSpecified.getIp6Gateway() == null)) {
+                throw new InvalidParameterValueException("cidrv6 and gatewayv6 must be specified together.");
+            }
+
             if (userSpecified.getCidr() != null) {
                 config.setCidr(userSpecified.getCidr());
                 config.setGateway(userSpecified.getGateway());
             }
 
+            if (userSpecified.getIp6Cidr() != null) {
+                config.setIp6Cidr(userSpecified.getIp6Cidr());
+                config.setIp6Gateway(userSpecified.getIp6Gateway());
+            }
+
             if (userSpecified.getBroadcastUri() != null) {
                 config.setBroadcastUri(userSpecified.getBroadcastUri());
                 config.setState(State.Setup);
@@ -137,6 +153,9 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
 
         boolean isSecurityGroupEnabled = _networkModel.areServicesSupportedByNetworkOffering(offering.getId(), Service.SecurityGroup);
         if (isSecurityGroupEnabled) {
+        	if (userSpecified.getIp6Cidr() != null) {
+                throw new InvalidParameterValueException("Didn't support security group with IPv6");
+        	}
             config.setName("SecurityGroupEnabledNetwork");
             config.setDisplayText("SecurityGroupEnabledNetwork");
         }
@@ -165,13 +184,13 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
 
         if (nic == null) {
             nic = new NicProfile(ReservationStrategy.Create, null, null, null, null);
-        } else if (nic.getIp4Address() == null) {
+        } else if (nic.getIp4Address() == null && nic.getIp6Address() == null) {
             nic.setStrategy(ReservationStrategy.Start);
         } else {
             nic.setStrategy(ReservationStrategy.Create);
         }
 
-        _networkMgr.allocateDirectIp(nic, dc, vm, network, nic.getRequestedIp());
+        _networkMgr.allocateDirectIp(nic, dc, vm, network, nic.getRequestedIpv4(), nic.getRequestedIpv6());
         nic.setStrategy(ReservationStrategy.Create);
 
         return nic;
@@ -180,8 +199,8 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
     @Override
     public void reserve(NicProfile nic, Network network, VirtualMachineProfile<? extends VirtualMachine> vm, DeployDestination dest, ReservationContext context)
             throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException, ConcurrentOperationException {
-        if (nic.getIp4Address() == null) {
-            _networkMgr.allocateDirectIp(nic, dest.getDataCenter(), vm, network, null);
+        if (nic.getIp4Address() == null && nic.getIp6Address() == null) {
+            _networkMgr.allocateDirectIp(nic, dest.getDataCenter(), vm, network, null, null);
             nic.setStrategy(ReservationStrategy.Create);
         }
     }
@@ -202,6 +221,7 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
             s_logger.debug("Deallocate network: networkId: " + nic.getNetworkId() + ", ip: " + nic.getIp4Address());
         }
     	
+    	if (nic.getIp4Address() != null) {
         IPAddressVO ip = _ipAddressDao.findByIpAndSourceNetworkId(nic.getNetworkId(), nic.getIp4Address());
         if (ip != null) {
             Transaction txn = Transaction.currentTxn();
@@ -210,6 +230,11 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
             _ipAddressDao.unassignIpAddress(ip.getId());
             txn.commit();
         }
+    	}
+    	
+    	if (nic.getIp6Address() != null) {
+    		_ipv6Mgr.revokeDirectIpv6Address(nic.getNetworkId(), nic.getIp6Address());
+    	}
         nic.deallocate();
     }
 
diff --git a/server/src/com/cloud/network/guru/DirectPodBasedNetworkGuru.java b/server/src/com/cloud/network/guru/DirectPodBasedNetworkGuru.java
index ead7c277493..8efbcd7b7d1 100755
--- a/server/src/com/cloud/network/guru/DirectPodBasedNetworkGuru.java
+++ b/server/src/com/cloud/network/guru/DirectPodBasedNetworkGuru.java
@@ -96,7 +96,7 @@ public class DirectPodBasedNetworkGuru extends DirectNetworkGuru {
             rsStrategy = ReservationStrategy.Create;
         }
         
-        if (nic != null && nic.getRequestedIp() != null) {
+        if (nic != null && nic.getRequestedIpv4() != null) {
             throw new CloudRuntimeException("Does not support custom ip allocation at this time: " + nic);
         }
        
diff --git a/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java b/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java
index ba694017b0b..37cd7d49ff7 100644
--- a/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java
+++ b/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java
@@ -192,7 +192,7 @@ public class ExternalGuestNetworkGuru extends GuestNetworkGuru {
     public NicProfile allocate(Network config, NicProfile nic, VirtualMachineProfile<? extends VirtualMachine> vm) throws InsufficientVirtualNetworkCapcityException,
             InsufficientAddressCapacityException {
 
-        if (_networkModel.networkIsConfiguredForExternalNetworking(config.getDataCenterId(), config.getId()) && nic != null && nic.getRequestedIp() != null) {
+        if (_networkModel.networkIsConfiguredForExternalNetworking(config.getDataCenterId(), config.getId()) && nic != null && nic.getRequestedIpv4() != null) {
             throw new CloudRuntimeException("Does not support custom ip allocation at this time: " + nic);
         }
         
diff --git a/server/src/com/cloud/network/guru/GuestNetworkGuru.java b/server/src/com/cloud/network/guru/GuestNetworkGuru.java
index cfdca941880..bca511499b1 100755
--- a/server/src/com/cloud/network/guru/GuestNetworkGuru.java
+++ b/server/src/com/cloud/network/guru/GuestNetworkGuru.java
@@ -354,7 +354,7 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur
 
             String guestIp = null;
             if (network.getSpecifyIpRanges()) {
-                _networkMgr.allocateDirectIp(nic, dc, vm, network, nic.getRequestedIp());
+                _networkMgr.allocateDirectIp(nic, dc, vm, network, nic.getRequestedIpv4(), null);
             } else {
                 //if Vm is router vm and source nat is enabled in the network, set ip4 to the network gateway
                 boolean isGateway = false;
@@ -373,7 +373,7 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur
                 if (isGateway) {
                     guestIp = network.getGateway();
                 } else {
-                    guestIp = _networkMgr.acquireGuestIpAddress(network, nic.getRequestedIp());
+                    guestIp = _networkMgr.acquireGuestIpAddress(network, nic.getRequestedIpv4());
                     if (guestIp == null) {
                         throw new InsufficientVirtualNetworkCapcityException("Unable to acquire Guest IP" +
                                 " address for network " + network, DataCenter.class, dc.getId());
diff --git a/server/src/com/cloud/network/guru/PodBasedNetworkGuru.java b/server/src/com/cloud/network/guru/PodBasedNetworkGuru.java
index f89ce54aeea..5a24fe56305 100755
--- a/server/src/com/cloud/network/guru/PodBasedNetworkGuru.java
+++ b/server/src/com/cloud/network/guru/PodBasedNetworkGuru.java
@@ -100,7 +100,7 @@ public class PodBasedNetworkGuru extends AdapterBase implements NetworkGuru {
         assert trafficType == TrafficType.Management || trafficType == TrafficType.Storage: "Well, I can't take care of this config now can I? " + config; 
         
         if (nic != null) {
-            if (nic.getRequestedIp() != null) {
+            if (nic.getRequestedIpv4() != null) {
                 throw new CloudRuntimeException("Does not support custom ip allocation at this time: " + nic);
             }
             nic.setStrategy(nic.getIp4Address() != null ? ReservationStrategy.Create : ReservationStrategy.Start);
diff --git a/server/src/com/cloud/network/guru/PublicNetworkGuru.java b/server/src/com/cloud/network/guru/PublicNetworkGuru.java
index e6e519daaca..a83cdb37c69 100755
--- a/server/src/com/cloud/network/guru/PublicNetworkGuru.java
+++ b/server/src/com/cloud/network/guru/PublicNetworkGuru.java
@@ -142,7 +142,7 @@ public class PublicNetworkGuru extends AdapterBase implements NetworkGuru {
 
         DataCenter dc = _dcDao.findById(network.getDataCenterId());       
 
-        if (nic != null && nic.getRequestedIp() != null) {
+        if (nic != null && nic.getRequestedIpv4() != null) {
             throw new CloudRuntimeException("Does not support custom ip allocation at this time: " + nic);
         }
 
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index a7870799a47..1abca51060e 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -1694,7 +1694,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
                 }
             }
 
-            NicProfile gatewayNic = new NicProfile(defaultNetworkStartIp);
+            NicProfile gatewayNic = new NicProfile(defaultNetworkStartIp, null);
             if (setupPublicNetwork) {
                 if (isRedundant) {
                     gatewayNic.setIp4Address(_networkMgr.acquireGuestIpAddress(guestNetwork, null));
@@ -1924,11 +1924,25 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
         String defaultDns2 = null;
         for (NicProfile nic : profile.getNics()) {
             int deviceId = nic.getDeviceId();
+            boolean ipv4 = false, ipv6 = false;
+            if (nic.getIp4Address() != null) {
+            	ipv4 = true;
             buf.append(" eth").append(deviceId).append("ip=").append(nic.getIp4Address());
             buf.append(" eth").append(deviceId).append("mask=").append(nic.getNetmask());
+            }
+            if (nic.getIp6Address() != null) {
+            	ipv6 = true;
+            	buf.append(" eth").append(deviceId).append("ip6=").append(nic.getIp6Address());
+            	buf.append(" eth").append(deviceId).append("ip6prelen=").append(NetUtils.getIp6CidrSize(nic.getIp6Cidr()));
+            }
             
             if (nic.isDefaultNic()) {
+            	if (ipv4) {
                 buf.append(" gateway=").append(nic.getGateway());
+            	}
+            	if (ipv6) {
+            		buf.append(" ip6gateway=").append(nic.getIp6Gateway());
+            	}
                 defaultDns1 = nic.getDns1();
                 defaultDns2 = nic.getDns2();
             }
@@ -3068,11 +3082,11 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
     }
     
     private void createDhcpEntryCommand(VirtualRouter router, UserVm vm, NicVO nic, Commands cmds) {
-        DhcpEntryCommand dhcpCommand = new DhcpEntryCommand(nic.getMacAddress(), nic.getIp4Address(), vm.getHostName());
+        DhcpEntryCommand dhcpCommand = new DhcpEntryCommand(nic.getMacAddress(), nic.getIp4Address(), vm.getHostName(), nic.getIp6Address());
         DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
         String gatewayIp = findGatewayIp(vm.getId());
         boolean needGateway = true;
-        if (!gatewayIp.equals(nic.getGateway())) {
+        if (gatewayIp != null && !gatewayIp.equals(nic.getGateway())) {
             needGateway = false;
             GuestOSVO guestOS = _guestOSDao.findById(vm.getGuestOSId());
             // Do set dhcp:router option for non-default nic on certain OS(including Windows), and leave other OS unset.
@@ -3088,7 +3102,9 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
             gatewayIp = "0.0.0.0";
         }
         dhcpCommand.setDefaultRouter(gatewayIp);
+        dhcpCommand.setIp6Gateway(nic.getIp6Gateway());
         dhcpCommand.setDefaultDns(findDefaultDnsIp(vm.getId()));
+        dhcpCommand.setDuid(NetUtils.getDuidLL(nic.getMacAddress()));
 
         dhcpCommand.setAccessDetail(NetworkElementCommand.ROUTER_IP, getRouterControlIp(router.getId()));
         dhcpCommand.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
index f065669b254..7197c363264 100644
--- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
@@ -1877,7 +1877,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager{
 
         //2) Create network
         Network guestNetwork = _ntwkMgr.createGuestNetwork(ntwkOffId, name, displayText, gateway, cidr, vlanId, 
-                networkDomain, owner, domainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId);
+                networkDomain, owner, domainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId, null, null);
 
         return guestNetwork;
     }
diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java
index eceeb84291c..5512d3fb21e 100755
--- a/server/src/com/cloud/user/AccountManagerImpl.java
+++ b/server/src/com/cloud/user/AccountManagerImpl.java
@@ -141,7 +141,7 @@ import com.cloud.vm.dao.VMInstanceDao;
 
 @Component
 @Local(value = { AccountManager.class, AccountService.class })
-public class AccountManagerImpl extends ManagerBase implements AccountManager, AccountService {
+public class AccountManagerImpl extends ManagerBase implements AccountManager, Manager {
     public static final Logger s_logger = Logger.getLogger(AccountManagerImpl.class);
 
     @Inject
diff --git a/server/src/com/cloud/vm/NicVO.java b/server/src/com/cloud/vm/NicVO.java
index 64b9153a347..8e2edda40aa 100644
--- a/server/src/com/cloud/vm/NicVO.java
+++ b/server/src/com/cloud/vm/NicVO.java
@@ -99,6 +99,12 @@ public class NicVO implements Nic {
     @Column(name = "default_nic")
     boolean defaultNic;
 
+    @Column(name = "ip6_gateway")
+    String ip6Gateway;
+
+    @Column(name = "ip6_cidr")
+    String ip6Cidr;
+
     @Column(name = "strategy")
     @Enumerated(value = EnumType.STRING)
     ReservationStrategy reservationStrategy;
@@ -156,6 +162,7 @@ public class NicVO implements Nic {
         this.defaultNic = defaultNic;
     }
 
+    @Override
     public String getIp6Address() {
         return ip6Address;
     }
@@ -324,4 +331,22 @@ public class NicVO implements Nic {
     public void setUuid(String uuid) {
     	this.uuid = uuid;
     }
+
+    @Override
+	public String getIp6Gateway() {
+		return ip6Gateway;
+	}
+
+	public void setIp6Gateway(String ip6Gateway) {
+		this.ip6Gateway = ip6Gateway;
+	}
+
+    @Override
+	public String getIp6Cidr() {
+		return ip6Cidr;
+	}
+
+	public void setIp6Cidr(String ip6Cidr) {
+		this.ip6Cidr = ip6Cidr;
+	}
 }
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index dd60da7b21c..ad358ebaed1 100644
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -134,6 +134,8 @@ import com.cloud.host.dao.HostDao;
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.hypervisor.dao.HypervisorCapabilitiesDao;
 import com.cloud.network.Network;
+import com.cloud.network.*;
+import com.cloud.network.Network.IpAddresses;
 import com.cloud.network.Network.Provider;
 import com.cloud.network.Network.Service;
 import com.cloud.network.NetworkManager;
@@ -1318,9 +1320,9 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
         if(network == null) {
             throw new InvalidParameterValueException("unable to find a network with id " + networkId);
         }
-        NicProfile profile = new NicProfile(null);
+        NicProfile profile = new NicProfile(null, null);
         if(ipAddress != null) {
-          profile = new NicProfile(ipAddress);
+          profile = new NicProfile(ipAddress, null);
         }
 
         // Perform permission check on VM
@@ -2810,16 +2812,9 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
     }
 
     @Override
-    public UserVm createBasicSecurityGroupVirtualMachine(DataCenter zone,
-            ServiceOffering serviceOffering, VirtualMachineTemplate template,
-            List<Long> securityGroupIdList, Account owner, String hostName,
-            String displayName, Long diskOfferingId, Long diskSize,
-            String group, HypervisorType hypervisor, String userData,
-            String sshKeyPair, Map<Long, String> requestedIps,
-            String defaultIp, String keyboard)
-                    throws InsufficientCapacityException, ConcurrentOperationException,
-                    ResourceUnavailableException, StorageUnavailableException,
-                    ResourceAllocationException {
+    public UserVm createBasicSecurityGroupVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> securityGroupIdList, Account owner,
+            String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps, String keyboard)
+                    throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException {
 
         Account caller = UserContext.current().getCaller();
         List<NetworkVO> networkList = new ArrayList<NetworkVO>();
@@ -2867,22 +2862,14 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
             }
         }
 
-        return createVirtualMachine(zone, serviceOffering, template, hostName,
-                displayName, owner, diskOfferingId, diskSize, networkList,
-                securityGroupIdList, group, userData, sshKeyPair, hypervisor,
-                caller, requestedIps, defaultIp, keyboard);
+        return createVirtualMachine(zone, serviceOffering, template, hostName, displayName, owner, diskOfferingId,
+                diskSize, networkList, securityGroupIdList, group, userData, sshKeyPair, hypervisor, caller, requestedIps, defaultIps, keyboard);
     }
 
     @Override
-    public UserVm createAdvancedSecurityGroupVirtualMachine(DataCenter zone,
-            ServiceOffering serviceOffering, VirtualMachineTemplate template,
-            List<Long> networkIdList, List<Long> securityGroupIdList,
-            Account owner, String hostName, String displayName,
-            Long diskOfferingId, Long diskSize, String group,
-            HypervisorType hypervisor, String userData, String sshKeyPair,
-            Map<Long, String> requestedIps, String defaultIp, String keyboard)
-                    throws InsufficientCapacityException, ConcurrentOperationException,
-                    ResourceUnavailableException, StorageUnavailableException,
+    public UserVm createAdvancedSecurityGroupVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> networkIdList,
+            List<Long> securityGroupIdList, Account owner, String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData,
+            String sshKeyPair, Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps, String keyboard) throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException,
                     ResourceAllocationException {
 
         Account caller = UserContext.current().getCaller();
@@ -2999,23 +2986,14 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
             }
         }
 
-        return createVirtualMachine(zone, serviceOffering, template, hostName,
-                displayName, owner, diskOfferingId, diskSize, networkList,
-                securityGroupIdList, group, userData, sshKeyPair, hypervisor,
-                caller, requestedIps, defaultIp, keyboard);
+        return createVirtualMachine(zone, serviceOffering, template, hostName, displayName, owner, diskOfferingId,
+                diskSize, networkList, securityGroupIdList, group, userData, sshKeyPair, hypervisor, caller, requestedIps, defaultIps, keyboard);
     }
 
     @Override
-    public UserVm createAdvancedVirtualMachine(DataCenter zone,
-            ServiceOffering serviceOffering, VirtualMachineTemplate template,
-            List<Long> networkIdList, Account owner, String hostName,
-            String displayName, Long diskOfferingId, Long diskSize,
-            String group, HypervisorType hypervisor, String userData,
-            String sshKeyPair, Map<Long, String> requestedIps,
-            String defaultIp, String keyboard)
-                    throws InsufficientCapacityException, ConcurrentOperationException,
-                    ResourceUnavailableException, StorageUnavailableException,
-                    ResourceAllocationException {
+    public UserVm createAdvancedVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> networkIdList, Account owner, String hostName,
+            String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps, String keyboard)
+                    throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException {
 
         Account caller = UserContext.current().getCaller();
         List<NetworkVO> networkList = new ArrayList<NetworkVO>();
@@ -3054,21 +3032,12 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
                     PhysicalNetwork physicalNetwork = _physicalNetworkDao
                             .findById(physicalNetworkId);
                     if (physicalNetwork == null) {
-                        throw new InvalidParameterValueException(
-                                "Unable to find physical network with id: "
-                                        + physicalNetworkId + " and tag: "
-                                        + requiredOfferings.get(0).getTags());
+                        throw new InvalidParameterValueException("Unable to find physical network with id: "+physicalNetworkId   + " and tag: " +requiredOfferings.get(0).getTags());
                     }
-                    s_logger.debug("Creating network for account " + owner
-                            + " from the network offering id="
-                            + requiredOfferings.get(0).getId()
-                            + " as a part of deployVM process");
-                    Network newNetwork = _networkMgr.createGuestNetwork(
-                            requiredOfferings.get(0).getId(),
-                            owner.getAccountName() + "-network",
-                            owner.getAccountName() + "-network", null, null,
-                            null, null, owner, null, physicalNetwork,
-                            zone.getId(), ACLType.Account, null, null);
+                    s_logger.debug("Creating network for account " + owner + " from the network offering id=" +requiredOfferings.get(0).getId() + " as a part of deployVM process");
+                    Network newNetwork = _networkMgr.createGuestNetwork(requiredOfferings.get(0).getId(),
+                            owner.getAccountName() + "-network", owner.getAccountName() + "-network", null, null,
+                            null, null, owner, null, physicalNetwork, zone.getId(), ACLType.Account, null, null, null, null);
                     defaultNetwork = _networkDao.findById(newNetwork.getId());
                 } else if (virtualNetworks.size() > 1) {
                     throw new InvalidParameterValueException(
@@ -3131,24 +3100,13 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
             }
         }
 
-        return createVirtualMachine(zone, serviceOffering, template, hostName,
-                displayName, owner, diskOfferingId, diskSize, networkList,
-                null, group, userData, sshKeyPair, hypervisor, caller,
-                requestedIps, defaultIp, keyboard);
+        return createVirtualMachine(zone, serviceOffering, template, hostName, displayName, owner, diskOfferingId, diskSize, networkList, null, group, userData, sshKeyPair, hypervisor, caller, requestedIps, defaultIps, keyboard);
     }
 
-    @DB
-    @ActionEvent(eventType = EventTypes.EVENT_VM_CREATE, eventDescription = "deploying Vm", create = true)
-    protected UserVm createVirtualMachine(DataCenter zone,
-            ServiceOffering serviceOffering, VirtualMachineTemplate template,
-            String hostName, String displayName, Account owner,
-            Long diskOfferingId, Long diskSize, List<NetworkVO> networkList,
-            List<Long> securityGroupIdList, String group, String userData,
-            String sshKeyPair, HypervisorType hypervisor, Account caller,
-            Map<Long, String> requestedIps, String defaultNetworkIp,
-            String keyboard) throws InsufficientCapacityException,
-            ResourceUnavailableException, ConcurrentOperationException,
-            StorageUnavailableException, ResourceAllocationException {
+    @DB @ActionEvent(eventType = EventTypes.EVENT_VM_CREATE, eventDescription = "deploying Vm", create = true)
+    protected UserVm createVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, String hostName, String displayName, Account owner, Long diskOfferingId,
+            Long diskSize, List<NetworkVO> networkList, List<Long> securityGroupIdList, String group, String userData, String sshKeyPair, HypervisorType hypervisor, Account caller, Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps, String keyboard)
+            		throws InsufficientCapacityException, ResourceUnavailableException, ConcurrentOperationException, StorageUnavailableException, ResourceAllocationException {
 
         _accountMgr.checkAccess(caller, null, true, owner);
 
@@ -3159,7 +3117,7 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
 
         long accountId = owner.getId();
 
-        assert !(requestedIps != null && defaultNetworkIp != null) : "requestedIp list and defaultNetworkIp should never be specified together";
+        assert !(requestedIps != null && (defaultIps.getIp4Address() != null || defaultIps.getIp6Address() != null)) : "requestedIp list and defaultNetworkIp should never be specified together";
 
         if (Grouping.AllocationState.Disabled == zone.getAllocationState()
                 && !_accountMgr.isRootAdmin(caller.getType())) {
@@ -3270,18 +3228,25 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
                         + zone.getId());
             }
 
-            String requestedIp = null;
+            IpAddresses requestedIpPair = null;
             if (requestedIps != null && !requestedIps.isEmpty()) {
-                requestedIp = requestedIps.get(network.getId());
+                requestedIpPair = requestedIps.get(network.getId());
             }
 
-            NicProfile profile = new NicProfile(requestedIp);
+            if (requestedIpPair == null) {
+            	requestedIpPair = new IpAddresses(null, null);
+            } else {
+            	checkRequestedIpAddresses(requestedIpPair.getIp4Address(), requestedIpPair.getIp6Address());
+            }
+            
+            NicProfile profile = new NicProfile(requestedIpPair.getIp4Address(), requestedIpPair.getIp6Address());
 
             if (defaultNetworkNumber == 0) {
                 defaultNetworkNumber++;
                 // if user requested specific ip for default network, add it
-                if (defaultNetworkIp != null) {
-                    profile = new NicProfile(defaultNetworkIp);
+                if (defaultIps.getIp4Address() != null || defaultIps.getIp6Address() != null) {
+                	checkRequestedIpAddresses(defaultIps.getIp4Address(), defaultIps.getIp6Address());
+                    profile = new NicProfile(defaultIps.getIp4Address(), defaultIps.getIp6Address());
                 }
 
                 profile.setDefaultNic(true);
@@ -3460,6 +3425,19 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
         return vm;
     }
 
+    private void checkRequestedIpAddresses(String ip4, String ip6) throws InvalidParameterValueException {
+    	if (ip4 != null) {
+    		if (!NetUtils.isValidIp(ip4)) {
+    			throw new InvalidParameterValueException("Invalid specified IPv4 address " + ip4);
+    		}
+    	}
+    	if (ip6 != null) {
+    		if (!NetUtils.isValidIpv6(ip6)) {
+    			throw new InvalidParameterValueException("Invalid specified IPv6 address " + ip6);
+    		}
+    	}
+	}
+
     private void validateUserData(String userData) {
         byte[] decodedUserData = null;
         if (userData != null) {
@@ -4693,7 +4671,7 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
                                     requiredOfferings.get(0).getId() + " as a part of deployVM process");
                             Network newNetwork = _networkMgr.createGuestNetwork(requiredOfferings.get(0).getId(),
                                     newAccount.getAccountName() + "-network", newAccount.getAccountName() + "-network", null, null,
-                                    null, null, newAccount, null, physicalNetwork, zone.getId(), ACLType.Account, null, null);
+                                    null, null, newAccount, null, physicalNetwork, zone.getId(), ACLType.Account, null, null, null, null);
                             defaultNetwork = _networkDao.findById(newNetwork.getId());
                         } else if (virtualNetworks.size() > 1) {
                             throw new InvalidParameterValueException(
diff --git a/server/test/com/cloud/network/MockNetworkManagerImpl.java b/server/test/com/cloud/network/MockNetworkManagerImpl.java
index fbd3e274075..4a24f9a8fcf 100755
--- a/server/test/com/cloud/network/MockNetworkManagerImpl.java
+++ b/server/test/com/cloud/network/MockNetworkManagerImpl.java
@@ -252,7 +252,7 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
 
     @Override
     public Network createGuestNetwork(long networkOfferingId, String name, String displayText, String gateway, String cidr, String vlanId, String networkDomain, Account owner, Long domainId,
-            PhysicalNetwork physicalNetwork, long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException {
+            PhysicalNetwork physicalNetwork, long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId, String gatewayv6, String cidrv6) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException {
         // TODO Auto-generated method stub
         return null;
     }
@@ -666,7 +666,7 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
      */
     @Override
     public void allocateDirectIp(NicProfile nic, DataCenter dc, VirtualMachineProfile<? extends VirtualMachine> vm,
-            Network network, String requestedIp) throws InsufficientVirtualNetworkCapcityException,
+            Network network, String requestedIpv4, String requestedIpv6) throws InsufficientVirtualNetworkCapcityException,
             InsufficientAddressCapacityException {
         // TODO Auto-generated method stub
 
diff --git a/server/test/com/cloud/network/MockNetworkModelImpl.java b/server/test/com/cloud/network/MockNetworkModelImpl.java
index 50af79624e2..1c36364f418 100644
--- a/server/test/com/cloud/network/MockNetworkModelImpl.java
+++ b/server/test/com/cloud/network/MockNetworkModelImpl.java
@@ -809,4 +809,10 @@ public class MockNetworkModelImpl extends ManagerBase implements NetworkModel {
         return false;
     }
 
+	@Override
+	public Vlan getVlanForNetwork(long networkId) {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
 }
diff --git a/server/test/com/cloud/user/MockAccountManagerImpl.java b/server/test/com/cloud/user/MockAccountManagerImpl.java
index e5a7adaf1cc..1893d67d91c 100644
--- a/server/test/com/cloud/user/MockAccountManagerImpl.java
+++ b/server/test/com/cloud/user/MockAccountManagerImpl.java
@@ -47,7 +47,7 @@ import com.cloud.utils.db.SearchCriteria;
 
 @Component
 @Local(value = { AccountManager.class, AccountService.class })
-public class MockAccountManagerImpl extends ManagerBase implements AccountManager, AccountService {
+public class MockAccountManagerImpl extends ManagerBase implements Manager, AccountManager {
 
 
     @Override
diff --git a/server/test/com/cloud/vm/MockUserVmManagerImpl.java b/server/test/com/cloud/vm/MockUserVmManagerImpl.java
index 86f9d5484de..1ee627fb738 100644
--- a/server/test/com/cloud/vm/MockUserVmManagerImpl.java
+++ b/server/test/com/cloud/vm/MockUserVmManagerImpl.java
@@ -64,6 +64,7 @@ import com.cloud.exception.PermissionDeniedException;
 import com.cloud.host.Host;
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.network.Network;
+import com.cloud.network.Network.IpAddresses;
 import com.cloud.offering.ServiceOffering;
 import com.cloud.projects.Project.ListProjectResourcesCriteria;
 import com.cloud.server.Criteria;
@@ -384,8 +385,8 @@ public class MockUserVmManagerImpl extends ManagerBase implements UserVmManager,
 
     @Override
     public UserVm createBasicSecurityGroupVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> securityGroupIdList, Account owner,
-            String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, String> requestedIps,
-            String defaultIp, String keyboard) throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException,
+            String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps,
+            IpAddresses defaultIp, String keyboard) throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException,
             ResourceAllocationException {
         // TODO Auto-generated method stub
         return null;
@@ -394,7 +395,7 @@ public class MockUserVmManagerImpl extends ManagerBase implements UserVmManager,
     @Override
     public UserVm createAdvancedSecurityGroupVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> networkIdList,
             List<Long> securityGroupIdList, Account owner, String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData,
-            String sshKeyPair, Map<Long, String> requestedIps, String defaultIp, String keyboard) throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException,
+            String sshKeyPair, Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps, String keyboard) throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException,
             StorageUnavailableException, ResourceAllocationException {
         // TODO Auto-generated method stub
         return null;
@@ -402,7 +403,7 @@ public class MockUserVmManagerImpl extends ManagerBase implements UserVmManager,
 
     @Override
     public UserVm createAdvancedVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> networkIdList, Account owner, String hostName,
-            String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, String> requestedIps, String defaultIp,
+            String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps,
             String keyboard) throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException {
         // TODO Auto-generated method stub
         return null;
diff --git a/server/test/com/cloud/vpc/MockConfigurationManagerImpl.java b/server/test/com/cloud/vpc/MockConfigurationManagerImpl.java
index 0af9f162531..e0660518e9c 100644
--- a/server/test/com/cloud/vpc/MockConfigurationManagerImpl.java
+++ b/server/test/com/cloud/vpc/MockConfigurationManagerImpl.java
@@ -500,7 +500,7 @@ public class MockConfigurationManagerImpl extends ManagerBase implements Configu
      */
     @Override
     public Vlan createVlanAndPublicIpRange(long zoneId, long networkId, long physicalNetworkId, boolean forVirtualNetwork, Long podId, String startIP, String endIP, String vlanGateway, String vlanNetmask, String vlanId,
-            Account vlanOwner) throws InsufficientCapacityException, ConcurrentOperationException, InvalidParameterValueException {
+            Account vlanOwner, String startIPv6, String endIPv6, String vlanGatewayv6, String vlanCidrv6) throws InsufficientCapacityException, ConcurrentOperationException, InvalidParameterValueException {
         // TODO Auto-generated method stub
         return null;
     }
diff --git a/server/test/com/cloud/vpc/MockNetworkManagerImpl.java b/server/test/com/cloud/vpc/MockNetworkManagerImpl.java
index 7c8226affc9..534df1c79d9 100644
--- a/server/test/com/cloud/vpc/MockNetworkManagerImpl.java
+++ b/server/test/com/cloud/vpc/MockNetworkManagerImpl.java
@@ -56,6 +56,7 @@ import com.cloud.network.PhysicalNetwork;
 import com.cloud.network.PhysicalNetworkServiceProvider;
 import com.cloud.network.PhysicalNetworkTrafficType;
 import com.cloud.network.PublicIpAddress;
+import com.cloud.network.UserIpv6Address;
 import com.cloud.network.addr.PublicIp;
 import com.cloud.network.dao.IPAddressVO;
 import com.cloud.network.dao.NetworkServiceMapDao;
@@ -849,7 +850,7 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
     @Override
     public Network createGuestNetwork(long networkOfferingId, String name, String displayText, String gateway,
             String cidr, String vlanId, String networkDomain, Account owner, Long domainId,
-            PhysicalNetwork physicalNetwork, long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId)
+            PhysicalNetwork physicalNetwork, long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId, String gatewayv6, String cidrv6)
                     throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException {
         // TODO Auto-generated method stub
         return null;
@@ -1013,10 +1014,9 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
      */
     @Override
     public void allocateDirectIp(NicProfile nic, DataCenter dc, VirtualMachineProfile<? extends VirtualMachine> vm,
-            Network network, String requestedIp) throws InsufficientVirtualNetworkCapcityException,
+            Network network, String requestedIpv4, String requestedIpv6) throws InsufficientVirtualNetworkCapcityException,
             InsufficientAddressCapacityException {
         // TODO Auto-generated method stub
-
     }
 
 
@@ -1315,10 +1315,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
         return null;
     }
 
-
-
-
-
     /* (non-Javadoc)
      * @see com.cloud.network.NetworkService#getNetwork(java.lang.String)
      */
diff --git a/server/test/com/cloud/vpc/MockNetworkModelImpl.java b/server/test/com/cloud/vpc/MockNetworkModelImpl.java
index 312f9e676bf..8097c346970 100644
--- a/server/test/com/cloud/vpc/MockNetworkModelImpl.java
+++ b/server/test/com/cloud/vpc/MockNetworkModelImpl.java
@@ -823,4 +823,10 @@ public class MockNetworkModelImpl extends ManagerBase implements NetworkModel {
         return false;
     }
 
+	@Override
+	public Vlan getVlanForNetwork(long networkId) {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
 }
diff --git a/setup/db/create-schema.sql b/setup/db/create-schema.sql
index 338c5d916f9..55afa0f152b 100755
--- a/setup/db/create-schema.sql
+++ b/setup/db/create-schema.sql
@@ -245,6 +245,8 @@ CREATE TABLE `cloud`.`networks` (
   `broadcast_uri` varchar(255) COMMENT 'broadcast domain specifier',
   `gateway` varchar(15) COMMENT 'gateway for this network configuration',
   `cidr` varchar(18) COMMENT 'network cidr', 
+  `ip6_gateway` varchar(50) COMMENT 'IPv6 gateway for this network', 
+  `ip6_cidr` varchar(50) COMMENT 'IPv6 cidr for this network',
   `mode` varchar(32) COMMENT 'How to retrieve ip address in this network',
   `network_offering_id` bigint unsigned NOT NULL COMMENT 'network offering id that this configuration is created from',
   `physical_network_id` bigint unsigned COMMENT 'physical network id that this configuration is based on',
@@ -308,6 +310,8 @@ CREATE TABLE `cloud`.`nics` (
   `update_time` timestamp NOT NULL COMMENT 'time the state was changed',
   `isolation_uri` varchar(255) COMMENT 'id for isolation',
   `ip6_address` char(40) COMMENT 'ip6 address',
+  `ip6_gateway` varchar(50) COMMENT 'gateway for ip6 address',
+  `ip6_cidr` varchar(50) COMMENT 'cidr for ip6 address',
   `default_nic` tinyint NOT NULL COMMENT "None", 
   `vm_type` varchar(32) COMMENT 'type of vm: System or User vm',
   `created` datetime NOT NULL COMMENT 'date created',
@@ -538,7 +542,10 @@ CREATE TABLE `cloud`.`vlan` (
   `vlan_id` varchar(255),
   `vlan_gateway` varchar(255),
   `vlan_netmask` varchar(255),
+  `ip6_gateway` varchar(255),
+  `ip6_cidr` varchar(255),
   `description` varchar(255),
+  `ip6_range` varchar(255),
   `vlan_type` varchar(255),
   `data_center_id` bigint unsigned NOT NULL,
   `network_id` bigint unsigned NOT NULL COMMENT 'id of corresponding network offering',
@@ -2583,5 +2590,30 @@ INSERT INTO `cloud`.`counter` (id, uuid, source, name, value,created) VALUES (2,
 INSERT INTO `cloud`.`counter` (id, uuid, source, name, value,created) VALUES (3, UUID(), 'snmp','Linux CPU Idle - percentage', '1.3.6.1.4.1.2021.11.11.0', now());
 INSERT INTO `cloud`.`counter` (id, uuid, source, name, value,created) VALUES (100, UUID(), 'netscaler','Response Time - microseconds', 'RESPTIME', now());
 
+CREATE TABLE  `cloud`.`user_ipv6_address` (
+  `id` bigint unsigned NOT NULL UNIQUE auto_increment,
+  `uuid` varchar(40),
+  `account_id` bigint unsigned NULL,
+  `domain_id` bigint unsigned NULL,
+  `ip_address` char(50) NOT NULL,
+  `data_center_id` bigint unsigned NOT NULL COMMENT 'zone that it belongs to',
+  `vlan_id` bigint unsigned NOT NULL,
+  `state` char(32) NOT NULL default 'Free' COMMENT 'state of the ip address',
+  `mac_address` varchar(40) NOT NULL COMMENT 'mac address of this ip',
+  `source_network_id` bigint unsigned NOT NULL COMMENT 'network id ip belongs to',
+  `network_id` bigint unsigned COMMENT 'network this public ip address is associated with',
+  `physical_network_id` bigint unsigned NOT NULL COMMENT 'physical network id that this configuration is based on',
+  `created` datetime NULL COMMENT 'Date this ip was allocated to someone',
+  PRIMARY KEY (`id`),
+  UNIQUE (`ip_address`, `source_network_id`),
+  CONSTRAINT `fk_user_ipv6_address__source_network_id` FOREIGN KEY (`source_network_id`) REFERENCES `networks`(`id`),
+  CONSTRAINT `fk_user_ipv6_address__network_id` FOREIGN KEY (`network_id`) REFERENCES `networks`(`id`),
+  CONSTRAINT `fk_user_ipv6_address__account_id` FOREIGN KEY (`account_id`) REFERENCES `account`(`id`),
+  CONSTRAINT `fk_user_ipv6_address__vlan_id` FOREIGN KEY (`vlan_id`) REFERENCES `vlan`(`id`) ON DELETE CASCADE,
+  CONSTRAINT `fk_user_ipv6_address__data_center_id` FOREIGN KEY (`data_center_id`) REFERENCES `data_center`(`id`) ON DELETE CASCADE,
+  CONSTRAINT `uc_user_ipv6_address__uuid` UNIQUE (`uuid`),
+  CONSTRAINT `fk_user_ipv6_address__physical_network_id` FOREIGN KEY (`physical_network_id`) REFERENCES `physical_network`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
 SET foreign_key_checks = 1;
 
diff --git a/ui/scripts/ui-custom/instanceWizard.js b/ui/scripts/ui-custom/instanceWizard.js
index a30b6194e51..8e4ed7e010a 100644
--- a/ui/scripts/ui-custom/instanceWizard.js
+++ b/ui/scripts/ui-custom/instanceWizard.js
@@ -875,6 +875,9 @@
             if (index) {
               if (index == $steps.size() - 1 && $networkStep.hasClass('next-use-security-groups')) {
                 showStep(5);
+              } else if ($activeStep.find('.select-security-group:visible').size() &&
+                         $activeStep.find('.select-network.no-add-network').size()) {
+                showStep(5);
               } else {
                 showStep(index);
               }
diff --git a/utils/pom.xml b/utils/pom.xml
index c52f09aedbe..937fad35c0f 100644
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -129,6 +129,11 @@
       <artifactId>ejb-api</artifactId>
       <version>${cs.ejb.version}</version>
     </dependency>
+    <dependency>
+        <groupId>com.googlecode.java-ipv6</groupId>
+        <artifactId>java-ipv6</artifactId>
+        <version>${cs.java-ipv6.version}</version>
+    </dependency>
     <dependency>
       <groupId>commons-configuration</groupId>
       <artifactId>commons-configuration</artifactId>
diff --git a/utils/src/com/cloud/utils/net/NetUtils.java b/utils/src/com/cloud/utils/net/NetUtils.java
index 005fe239c49..deb1d054cb1 100755
--- a/utils/src/com/cloud/utils/net/NetUtils.java
+++ b/utils/src/com/cloud/utils/net/NetUtils.java
@@ -37,6 +37,10 @@ import java.util.regex.Pattern;
 
 import org.apache.log4j.Logger;
 
+import com.googlecode.ipv6.IPv6Address;
+import com.googlecode.ipv6.IPv6AddressRange;
+import com.googlecode.ipv6.IPv6Network;
+
 import com.cloud.utils.IteratorUtil;
 import com.cloud.utils.Pair;
 import com.cloud.utils.script.Script;
@@ -1118,4 +1122,114 @@ public class NetUtils {
 
         return true;
     }
+
+	public static boolean isValidIpv6(String ip) {
+		try {
+			IPv6Address address = IPv6Address.fromString(ip);
+		} catch (IllegalArgumentException ex) {
+			return false;
+		}
+		return true;
+	}
+
+	public static boolean isValidIp6Cidr(String ip6Cidr) {
+		try {
+			IPv6Network network = IPv6Network.fromString(ip6Cidr);
+		} catch (IllegalArgumentException ex) {
+			return false;
+		}
+		return true;
+	}
+
+	public static int getIp6CidrSize(String ip6Cidr) {
+		IPv6Network network = null;
+		try {
+			network = IPv6Network.fromString(ip6Cidr);
+		} catch (IllegalArgumentException ex) {
+			return 0;
+		}
+		return network.getNetmask().asPrefixLength();
+	}
+
+	//FIXME: only able to cover lower 32 bits
+	public static String getIp6FromRange(String ip6Range) {
+    	String[] ips = ip6Range.split("-");
+    	String startIp = ips[0];
+    	IPv6Address start = IPv6Address.fromString(startIp);
+    	// Find a random number based on lower 32 bits
+    	long gap = countIp6InRange(ip6Range);
+    	if (gap > Integer.MAX_VALUE) {
+    		gap = Integer.MAX_VALUE;
+    	}
+    	int next = _rand.nextInt((int)(gap));
+    	// And a number based on the difference of lower 32 bits
+    	IPv6Address ip = start.add(next);
+    	return ip.toString();
+	}
+
+	//RFC3315, section 9.4
+	public static String getDuidLL(String macAddress) {
+		String duid = "00:03:00:01:" + macAddress;
+		return duid;
+	}
+	
+	//FIXME: only able to cover lower 64 bits
+	public static long countIp6InRange(String ip6Range) {
+    	String[] ips = ip6Range.split("-");
+    	String startIp = ips[0];
+    	String endIp = null;
+    	if (ips.length > 1) {
+    		endIp = ips[1];
+    	}
+    	IPv6Address start, end;
+    	try {
+    		start = IPv6Address.fromString(startIp);
+    		end = IPv6Address.fromString(endIp);
+		} catch (IllegalArgumentException ex) {
+			return 0;
+		}
+    	long startLow = start.getLowBits(), endLow = end.getLowBits();
+    	if (startLow > endLow) {
+    		return 0;
+    	}
+    	return endLow - startLow + 1;
+	}
+
+	public static boolean isIp6InRange(String ip6, String ip6Range) {
+    	String[] ips = ip6Range.split("-");
+    	String startIp = ips[0];
+    	String endIp = null;
+    	if (ips.length > 1) {
+    		endIp = ips[1];
+    	}
+    	IPv6Address start = IPv6Address.fromString(startIp);
+    	IPv6Address end = IPv6Address.fromString(endIp);
+    	IPv6Address ip = IPv6Address.fromString(ip6);
+    	if (start.compareTo(ip) <= 0 && end.compareTo(ip) >= 0) {
+    		return true;
+    	}
+		return false;
+	}
+	
+	public static boolean isIp6RangeOverlap(String ipRange1, String ipRange2) {
+		String[] ips = ipRange1.split("-");
+    	String startIp1 = ips[0];
+    	String endIp1 = null;
+    	if (ips.length > 1) {
+    		endIp1 = ips[1];
+    	}
+    	IPv6Address start1 = IPv6Address.fromString(startIp1);
+    	IPv6Address end1 = IPv6Address.fromString(endIp1);
+    	IPv6AddressRange range1 = IPv6AddressRange.fromFirstAndLast(start1, end1);
+		ips = ipRange2.split("-");
+    	String startIp2 = ips[0];
+    	String endIp2 = null;
+    	if (ips.length > 1) {
+    		endIp2 = ips[1];
+    	}
+    	IPv6Address start2 = IPv6Address.fromString(startIp2);
+    	IPv6Address end2 = IPv6Address.fromString(endIp2);
+    	IPv6AddressRange range2 = IPv6AddressRange.fromFirstAndLast(start2, end2);
+    	return range1.overlaps(range2);
+	}
 }
diff --git a/utils/test/com/cloud/utils/net/NetUtilsTest.java b/utils/test/com/cloud/utils/net/NetUtilsTest.java
index 11965b12efa..08b4816a992 100644
--- a/utils/test/com/cloud/utils/net/NetUtilsTest.java
+++ b/utils/test/com/cloud/utils/net/NetUtilsTest.java
@@ -21,10 +21,15 @@ import java.util.TreeSet;
 
 import junit.framework.TestCase;
 
+import org.apache.log4j.Logger;
 import org.junit.Test;
 
+import com.googlecode.ipv6.IPv6Address;
+
 public class NetUtilsTest extends TestCase {
 
+    private static final Logger s_logger = Logger.getLogger(NetUtilsTest.class);
+    
     @Test
     public void testGetRandomIpFromCidr() {
         String cidr = "192.168.124.1";
@@ -69,4 +74,33 @@ public class NetUtilsTest extends TestCase {
         assertFalse(NetUtils.isValidS2SVpnPolicy(";modp1536"));
         assertFalse(NetUtils.isValidS2SVpnPolicy(",aes;modp1536,,,"));
     }
+    
+    public void testIpv6() {
+    	assertTrue(NetUtils.isValidIpv6("fc00::1"));
+    	assertFalse(NetUtils.isValidIpv6(""));
+    	assertFalse(NetUtils.isValidIpv6(null));
+    	assertFalse(NetUtils.isValidIpv6("1234:5678::1/64"));
+    	assertTrue(NetUtils.isValidIp6Cidr("1234:5678::1/64"));
+    	assertFalse(NetUtils.isValidIp6Cidr("1234:5678::1"));
+    	assertEquals(NetUtils.getIp6CidrSize("1234:5678::1/32"), 32);
+    	assertEquals(NetUtils.getIp6CidrSize("1234:5678::1"), 0);
+    	assertEquals(NetUtils.countIp6InRange("1234:5678::1-1234:5678::2"), 2);
+    	assertEquals(NetUtils.countIp6InRange("1234:5678::2-1234:5678::0"), 0);
+    	assertEquals(NetUtils.getIp6FromRange("1234:5678::1-1234:5678::1"), "1234:5678::1");
+    	String ipString = null;
+    	IPv6Address ipStart = IPv6Address.fromString("1234:5678::1");
+    	IPv6Address ipEnd = IPv6Address.fromString("1234:5678::8000:0000");
+    	for (int i = 0; i < 10; i ++) {
+    		ipString = NetUtils.getIp6FromRange(ipStart.toString() + "-" + ipEnd.toString());
+    		s_logger.info("IP is " + ipString);
+    		IPv6Address ip = IPv6Address.fromString(ipString);
+    		assertTrue(ip.compareTo(ipStart) >= 0);
+    		assertTrue(ip.compareTo(ipEnd) <= 0);
+    	}
+    	assertFalse(NetUtils.isIp6RangeOverlap("1234:5678::1-1234:5678::ffff", "1234:5678:1::1-1234:5678:1::ffff"));
+    	assertTrue(NetUtils.isIp6RangeOverlap("1234:5678::1-1234:5678::ffff", "1234:5678::2-1234:5678::f"));
+    	assertTrue(NetUtils.isIp6RangeOverlap("1234:5678::f-1234:5678::ffff", "1234:5678::2-1234:5678::f"));
+    	assertFalse(NetUtils.isIp6RangeOverlap("1234:5678::f-1234:5678::ffff", "1234:5678::2-1234:5678::e"));
+    	assertFalse(NetUtils.isIp6RangeOverlap("1234:5678::f-1234:5678::f", "1234:5678::2-1234:5678::e"));
+    }
 }
diff --git a/utils/test/com/cloud/utils/xmlobject/TestXmlObject.java b/utils/test/com/cloud/utils/xmlobject/TestXmlObject.java
index f94c68c4631..eabc3169b3a 100755
--- a/utils/test/com/cloud/utils/xmlobject/TestXmlObject.java
+++ b/utils/test/com/cloud/utils/xmlobject/TestXmlObject.java
@@ -14,6 +14,9 @@ public class TestXmlObject {
     
     @Test
     public void test() {
+    	
+    	// deprecated, since we no longer use component.xml.in any more
+    	/*
         XmlObject xo = XmlObjectParser.parseFromFile("z:/components.xml.in");
         p(xo.getTag());
         p((String) xo.get("system-integrity-checker.checker").toString());
@@ -24,6 +27,7 @@ public class TestXmlObject {
                 p(y.toString());
             }
         }
+        */
     }
 
 }