Exposing IPv6 IPs on the provider networks not working
Bug #2020410 reported by
Luis Tomas Bolivar
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ovn-bgp-agent |
Confirmed
|
High
|
Unassigned |
Bug Description
Exposing IPv6 IPs on the provider networks does not work unless an OVN router is plugged into that network and responses to the NS requests
Changed in ovn-bgp-agent: | |
status: | New → Confirmed |
Changed in ovn-bgp-agent: | |
importance: | Undecided → High |
To post a comment you must log in.
Hello Tomas,
I will answer here as I think it fits better.
Your observations seems legit, however I'm unable to test in my scenario as my code is not yet ready to work with routers properly.
However, your log output shows that the default route of your public network is not br-ex, instead it's the router.
That would explain the behavior.
To me that's a limitation of the proxy_ndp implementation in the Linux kernel, perhaps its a feature too :P
Yesterday, I made the suggestion to add the gateway to networking-bgpvpn to be able to add that to the proxy_ndp configuration. However, I realized that this would work for the default route, however we have to route all traffic, including traffic for the public network itself (other instances on the same network).
This is something that is difficult to achieve with proxy_ndp.
We really need some catch-all logic here.
As proxy_ndp is not providing that functionality I got the idea to implement an ICMPv6 NS/NA Responder using OVS flows.
ODL has a very similar spec [1].
I wasn't able to test this yesterday, because my OVS deployment seems to be too old to support all fields that would be necessary for a complete NA packet.
As I'm not that familiar with OVS and OpenFlow I've sent a message to ovs-discuss, maybe someone there is able to help me.
[1] https:/ /docs.opendayli ght.org/ projects/ netvirt/ en/latest/ specs/fluorine/ ovs_based_ na_responder_ for_gw. html