[neutron][ovn] ipv6 in virtual networks
Brian Haley
haleyb.dev at gmail.com
Fri Feb 12 17:32:58 UTC 2021
On 2/11/21 6:20 AM, Piotr Misiak wrote:
> On 10.02.2021 21:08, Brian Haley wrote:
>
>> On 2/10/21 1:11 PM, Piotr Misiak wrote:
>>> - Routing is not working at all
>>>
>>> Besides those, I can't imagine how upstream router will know how to
>>> reach a particular private network with GUA IPv6 addresses (to which
>>> virtual router send packets to reach a particular private network?). I
>>> have a standard external network with IPv6 GUA /64 subnet and virtual
>>> routers which connects private networks with IPv6 GUA /64 subnets with
>>> external network. I thought that OVN virtual router will send ICMPv6 RA
>>> packets on external network with reachable prefixes and upstream router
>>> will learn routing info from those but I don't see any RA packets sent
>>> by OVN on external network, I see only RA packets from an upstream
>>> router. How this should work and be configured? How to configure GUA
>>> IPv6 addresses on virtual private networks? Is it supported by
>>> Neutron/OVN?
>>
>> IPv6 prefix delegation is what you want, it's one of the 'gaps' with
>> ML2/OVS, https://bugs.launchpad.net/neutron/+bug/1895972
>>
>> There is a list of known items at
>> https://docs.openstack.org/neutron/latest/ovn/gaps.html
>>
>> So in order to use a globally-reachable IPv6 address you should use a
>> port from a provider network in the instance.
>>
> Thanks Brian for the prompt response.
>
> Does this mean that the only functional IPv6 scenario in Neutron/OVN is
> where VMs are directly connected to an IPv6 GUA provider network?
For your intended purpose, yes. You can still have a tenant with IPv6
private networks and OVN will route East/West between them.
> BGP peering is not supported in Neutron/OVN, so virtual routers cannot
> advertise their prefixes (use case where private network prefix is
> manually specified by the user or it is automatically assigned from a
> default IPv6 subnet-pool defined in Neutron)
>
> IPv6 PD is not supported in Neutron/OVN, so virtual routers cannot
> request an IPv6 prefix from an upstream router
Correct, that was the bug I linked above.
-Brian
More information about the openstack-discuss
mailing list