left=<ipv6_addr> not allowed when gw has both v4 & v6 address
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
venkata anil |
Bug Description
No ipv6 address assigned to ipsec.conf 'left' and "leftid" paramter if gateway has both ipv4 and ipv6 addresses.
Gateway has both ipv4 and ipv6 address as public network has both ipv4 and ipv6 subnets.
I am trying vpn-service and ipsec-site-
neutron vpn-service-create --name myvpn --description "My vpn service" router1 ipv6-private-subnet
neutron ipsec-site-
Still only ipv4 address is assigned to "left" and "leftid" params in ipsec.conf.
As I am trying ipsec-site-
cat /opt/stack/
conn 7ca1246e-
keyexchange
left=172.24.4.3
leftsubnet=
leftid=
leftfirewal
right=
rightsubnet
rightid=
auto=route
I think we are always selecting the first address for "external_ip" for vpn_service
def make_vpnservice
Need to fix this based on ip version.
summary: |
- [IPv6] [VPNaaS]left=<ipv6_addr> not allowed when gw has both v4 & v6 - address + left=<ipv6_addr> not allowed when gw has both v4 & v6 address |
tags: | added: ipv6 |
Changed in neutron: | |
importance: | Undecided → Medium |
Changed in neutron: | |
status: | New → In Progress |
Changed in neutron: | |
milestone: | none → liberty-1 |
status: | Fix Committed → Fix Released |
Changed in neutron: | |
milestone: | liberty-1 → 7.0.0 |
This is happening for both openswan and strongswan drivers, and only when the public external network has both ipv4 and ipv6 subnets(i.e router gateway port has both ipv4 and ipv6 address.)