dnsmasq doesn't like providing DHCP for subnets with prefixes shorter than 64

Bug #1645616 reported by Kevin Benton
This bug affects 1 person
Affects: neutron
Status: Fix Released
Importance: Medium
Assigned to: Brian Haley

Bug Description

Trace when you enable DHCP on an IPv6 network with a prefix less than 64.

2016-11-15 17:33:54.321 102837 ERROR neutron.agent.dhcp.agent ProcessExecutionError: Exit code: 1; Stdin: ; Stdout: ; Stderr:
2016-11-15 17:33:54.321 102837 ERROR neutron.agent.dhcp.agent dnsmasq: bad command line options: prefix length must be at least 64

At a minimum we need to skip these on the DHCP agent to prevent a bunch of log noise and retries. We probably should consider rejecting enable_dhcp=True in the API when the prefix is like this for IPv6 if it's a fundamental limitation of DHCPv6.

Changed in neutron:
status: New → In Progress
importance: Undecided → High
assignee: nobody → Kevin Benton (kevinbenton)
summary: - dnsmasq doesn't like providing DHCP for subnets with prefixes larger
+ dnsmasq doesn't like providing DHCP for subnets with prefixes shorter
than 64
description: updated
John Davidge (john-davidge) wrote :

Many IPv6 features depend upon having a /64 prefix. See https://tools.ietf.org/html/rfc5375#page-30

Unless anyone has an existing use case requiring something different, I'd be in favor of disallowing non-/64 subnets altogether.

Changed in neutron:
assignee: Kevin Benton (kevinbenton) → Brian Haley (brian-haley)
Ihar Hrachyshka (ihar-hrachyshka) wrote :

I don't think the bug is High since there is a workaround - you just avoid creating bad subnets.

tags: added: ipv6 l3-ipam-dhcp
Changed in neutron:
importance: High → Medium
Dustin Lundquist (dlundquist) wrote :

A subnet with a prefix length shorter than 64 isn't necessarily _bad_, just not following established practices. I'm not aware of any restriction prohibiting subnets larger than a /64, but it doesn't seem very useful since layer 2 Ethernet switching isn't going to scale to 2^64 nodes.

In the case of smaller subnets, there is an established use case to use small subnets (e.g. /112) to limit the size of IPv6 neighbor tables. There was a DoS potential on some vendor routers, triggered by sending IPv6 packets to a range of adjacent IPv6 addresses for the router to perform neighbor discovery to obtain the corresponding L2 address for each IPv6 address; this could fill the router's neighbor tables, preventing normal operation. Thus there was a recommendation floated to use smaller IPv6 subnets (longer prefix lengths) and use stateful DHCPv6 instead of SLAAC.

I agree this bug isn't a high priority; Neutron is simply being tolerant of user input, and dnsmasq doesn't support this unusual configuration.

OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/398016
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=028a349bc531cbcd91fd15f072be4b84952376b8
Submitter: Jenkins
Branch: master

commit 028a349bc531cbcd91fd15f072be4b84952376b8
Author: Kevin Benton <email address hidden>
Date: Tue Nov 15 17:34:16 2016 -0800

    Skip larger than /64 subnets in DHCP agent

    Dnsmasq can't handle these in IPv6 so we need to skip them to avoid
    a whole bunch of log noise caused by continual retrying of issues.

    Closes-Bug: #1645616
    Change-Id: I36d167506cc45731e3f500a0c59b70b1bc27590f
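
The skip described in the commit message above, sketched as an added example (this is not the Neutron patch itself). The function names and the subnet dict layout with id, cidr and enable_dhcp keys are assumptions; the /64 threshold comes from the dnsmasq error in the trace.

```python
import ipaddress

# dnsmasq rejects IPv6 DHCP ranges whose prefix length is below this value
# ("prefix length must be at least 64" in the trace above).
DNSMASQ_MIN_V6_PREFIXLEN = 64


def dnsmasq_can_serve(cidr):
    """Return (ok, reason) for one subnet CIDR string."""
    try:
        net = ipaddress.ip_network(cidr, strict=False)
    except ValueError as exc:
        return False, "invalid CIDR: %s" % exc
    if net.version == 6 and net.prefixlen < DNSMASQ_MIN_V6_PREFIXLEN:
        return False, "IPv6 prefix /%d is shorter than /%d" % (
            net.prefixlen, DNSMASQ_MIN_V6_PREFIXLEN)
    return True, ""


def partition_dhcp_subnets(subnets):
    """Split DHCP-enabled subnets into (served, [(subnet_id, reason), ...])."""
    served, skipped = [], []
    for subnet in subnets:
        if not subnet.get("enable_dhcp"):
            continue  # DHCP disabled: nothing to hand to dnsmasq
        ok, reason = dnsmasq_can_serve(subnet["cidr"])
        if ok:
            served.append(subnet)
        else:
            # Log once and move on instead of letting dnsmasq exit 1
            # and the agent retry the whole network repeatedly.
            skipped.append((subnet["id"], reason))
    return served, skipped


# Constructed sample input (hypothetical subnets, not from the bug report).
SAMPLE_SUBNETS = [
    {"id": "v4", "cidr": "10.0.0.0/8", "enable_dhcp": True},
    {"id": "v6-64", "cidr": "2001:db8:0:1::/64", "enable_dhcp": True},
    {"id": "v6-112", "cidr": "2001:db8:0:2::/112", "enable_dhcp": True},
    {"id": "v6-48", "cidr": "2001:db8:1::/48", "enable_dhcp": True},
    {"id": "v6-56-off", "cidr": "2001:db8:2::/56", "enable_dhcp": False},
]

if __name__ == "__main__":
    served, skipped = partition_dhcp_subnets(SAMPLE_SUBNETS)
    print("served:", [s["id"] for s in served])
    for subnet_id, reason in skipped:
        print("skipped %s: %s" % (subnet_id, reason))
```

The same `dnsmasq_can_serve` check could back the API-side rejection of enable_dhcp=True suggested in the bug description.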

Changed in neutron:
status: In Progress → Fix Released
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/newton)

Fix proposed to branch: stable/newton
Review: https://review.openstack.org/409484

OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/mitaka)

Fix proposed to branch: stable/mitaka
Review: https://review.openstack.org/409485

OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/newton)

Reviewed: https://review.openstack.org/409484
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=e15e94ba12fbaf429d5ed8bd4edbbe23fdf5e26f
Submitter: Jenkins
Branch: stable/newton

commit e15e94ba12fbaf429d5ed8bd4edbbe23fdf5e26f
Author: Kevin Benton <email address hidden>
Date: Tue Nov 15 17:34:16 2016 -0800

    Skip larger than /64 subnets in DHCP agent

    Dnsmasq can't handle these in IPv6 so we need to skip them to avoid
    a whole bunch of log noise caused by continual retrying of issues.

    Closes-Bug: #1645616
    Change-Id: I36d167506cc45731e3f500a0c59b70b1bc27590f
    (cherry picked from commit 028a349bc531cbcd91fd15f072be4b84952376b8)

tags: added: in-stable-newton
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 10.0.0.0b2

This issue was fixed in the openstack/neutron 10.0.0.0b2 development milestone.

OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/mitaka)

Reviewed: https://review.openstack.org/409485
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=5413853b85f1bcd61f66c768b53c5b30ebb093d7
Submitter: Jenkins
Branch: stable/mitaka

commit 5413853b85f1bcd61f66c768b53c5b30ebb093d7
Author: Kevin Benton <email address hidden>
Date: Tue Nov 15 17:34:16 2016 -0800

    Skip larger than /64 subnets in DHCP agent

    Dnsmasq can't handle these in IPv6 so we need to skip them to avoid
    a whole bunch of log noise caused by continual retrying of issues.

    Closes-Bug: #1645616
    Change-Id: I36d167506cc45731e3f500a0c59b70b1bc27590f
    (cherry picked from commit 028a349bc531cbcd91fd15f072be4b84952376b8)

tags: added: in-stable-mitaka
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 9.2.0

This issue was fixed in the openstack/neutron 9.2.0 release.

OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 8.4.0

This issue was fixed in the openstack/neutron 8.4.0 release.
