ipsec-site-connection-create failing for ipv6 with the following errors
2015-03-23 04:27:58.667 ERROR neutron.agent.linux.utils [req-fe39cbe2-9349-43bc-be0b-6c70c72fe874 admin 8f8b8fabb981498a81863266ffabf34f]
Command: ['sudo', '/usr/local/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-22af8b67-1902-453d-9b0f-117df0bb6d6
8', 'iptables-restore', '-c']
Exit code: 2
......
.....
Stderr: iptables-restore v1.4.21: invalid mask `64' specified
Error occurred at line: 23
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
2015-03-23 04:27:58.671 ERROR neutron.agent.linux.iptables_manager [req-fe39cbe2-9349-43bc-be0b-6c70c72fe874 admin 8f8b8fabb981498a81863266ffabf34f] IPTablesManager.apply failed to apply the following set of iptables rules:
neutron ipsec driver tries to apply this nat rule
' POSTROUTING' ,
' -s %s -d %s -m policy '
' --dir out --pol ipsec '
' -j ACCEPT ' % (local_cidr, peer_cidr),
top= True)
def _update_nat
add_nat_rule( router_id,
def add_nat_rule() manager. ipv4['nat' ].add_rule( chain, rule, top=top)
iptables_
This ipv4['nat' ].add_rule is failing as ipv4 won't support 64 as netmask length.