[neutron] DVR / IPv6 on provider network instead?

Brian Haley haleyb.dev at gmail.com
Mon Jun 29 18:13:38 UTC 2020

On 6/27/20 11:52 PM, Eric K. Miller wrote:
> Hi,
> Should I assume that the statement:
> "IPv6 traffic is not distributed, even when DVR is enabled. IPv6 routing 
> does work, but all ingress/egress traffic must traverse through the 
> centralized Controller node. Customers that are extensively using IPv6 
> routing are advised not to use DVR at this time."
> is still true in Stein and later (we are running Stein for now, which is 
> why I explicitly mentioned this version)?
> If so, is there a possibility of using a provider network that is 
> connected to all compute nodes where IPv6 subnets are issued to tenants 
> from a subnet pool, with traffic being routed directly to an external 
> router (not a Neutron router) using Linux Bridge instead of OVS?  Yet, 
> still use port security?
> Just trying to figure out the best way to support IPv6 without 
> forwarding all traffic through a single network node, while using DVR 
> for IPv4.

The other way would be to enhance the dr-agent, IPv4 support for DVR was 
added recently.


There is also some ongoing work to better support IPv6 "fast exit" at 


> Also, unrelated, but hopefully a quick question…  is the "internal" or 
> "external" label on a network just used for filtering lists, such as for 
> "openstack network list --external"?  or does it change the behavior of 
> anything?
> Thanks!
> Eric

More information about the openstack-discuss mailing list