[openstack-dev] [Neutron][IPv6] BP:Store both IPv6 LLA and GUA address on router interface port
pengxuhan at gmail.com
Mon Mar 3 06:02:23 UTC 2014
I may need some time to review your latest code change to the blueprint you
mentioned. But I think we can discuss this in the coming IPv6 sub team
On Mon, Mar 3, 2014 at 11:20 AM, Randy Tuttle <randy.m.tuttle at gmail.com>wrote:
> Hi Yuhan
> Sorry I am slow to respond, but I was catching up on some emails and found
> this one from you. Regarding your comments on the RA from the router
> gateway port...
> I disagree that the LLA for the qg-xxxx interface is (or should be) the
> gateway for the tenant's subnet. On the contrary, it should be the LLA of
> the qr-yyyy to which the dnsmasq binds . Using  as a starting point,
> packets arriving on the qr-xxxx interface are routed across (via linux) in
> the qrouter-namespace, taking the default route (gateway-ip) as specified
> in  to unknown destinations.
> In a future release, we may need to consider implementing support for
> accepting RA from service providers' upstream routers on the qg-xxxx
> interface, but whether we allow a SLAAC address on the external gateway
> port needs further discussion (perhaps a topic for the IPv6 sub-team IRC).
> SLAAC requires a /64 subnet which might be considered a bit of overkill for
> what's typically a point-to-point connection. Let's see about adding it to
> the topics to discuss.
> On Thu, Feb 27, 2014 at 12:49 AM, Xuhan Peng <pengxuhan at gmail.com> wrote:
>> As the follow up action of IPv6 sub-team meeting , I created a new
>> blueprint  to store both IPv6 LLA and GUA address on router interface
>> Here is what it's about:
>> Based on the two modes (ipv6-ra-mode and ipv6-address-mode) design, RA
>> can be sent from both openstack controlled dnsmasq or existing devices.
>> RA From dnsmasq: gateway ip that dnsmasq binds into should be link local
>> address (LLA) according to . This means we need to pass the LLA of the
>> created router internal port (i.e. qr-xxxx) to dnsmasq spawned by openstack
>> dhcp agent. In the mean while, we need to assign an GUA to the created
>> router port so that the traffic from external network can be routed back
>> using the GUA of the router port as the next hop into the internal subnet.
>> Therefore, we will need some change to the current logic to leverage both
>> LLA and GUA on router port.
>> RA from existing device on the same link which is not controlled by
>> openstack: dnsmasq will not send RA in this case. RA is sending from
>> subnet's gateway address which should also be LLA according to .
>> Allowing subnet's gateway IP to be LLA is enough in this case. Current code
>> works when force_gateway_on_subnet = False.
>> RA from router gateway port (i.e. qg-xxxx): the LLA of the gateway port
>> (qg-xxxx) should be set as the gateway of tenant subnet to get the RA from
>> that. This could be potentially calculated by  or by other methods in
>> the future considering privacy extension. However, this will make the
>> tenant network gateway port qr-xxxx useless. Therefore, we also need code
>> change to current router interface attach logic.
>> If you have any comments on this, please let me know.
>>  https://blueprints.launchpad.net/neutron/+spec/ipv6-two-attributes
>>  http://tools.ietf.org/html/rfc4861
>>  https://review.openstack.org/#/c/56184/
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev