2015-12-31 12:22:14 |
Atsuko Ito |
bug |
|
|
added bug |
2015-12-31 12:23:03 |
Atsuko Ito |
summary |
Advertise tenant prefixes from router to outside |
[RFE] [ipv6] Advertise tenant prefixes from router to outside |
|
2015-12-31 12:27:31 |
Atsuko Ito |
bug |
|
|
added subscriber Carl Baldwin |
2015-12-31 12:27:49 |
Atsuko Ito |
bug |
|
|
added subscriber Sean M. Collins |
2015-12-31 14:28:45 |
Henry Gessau |
neutron: status |
New |
Confirmed |
|
2015-12-31 14:28:50 |
Henry Gessau |
neutron: importance |
Undecided |
Wishlist |
|
2015-12-31 14:29:02 |
Henry Gessau |
tags |
rfe |
ipv6 rfe |
|
2016-01-11 09:47:47 |
Atsuko Ito |
description |
For now, when end user is creating IPv6-enabled tenant network and attaching it to the virtual router, there is only way to set up external infrastructure to put traffic back to the router is using DHCPv6 PD[1], unfortunately, it’s not working at all[2]. Other methods like implementing BGP is still in development.
BTW, in IPv6 Router Advertisements we have an option called Route Information Option, RA-RIO[3] to advertise more specific routes from gateway. We could easily append a section like next one to advertise tenant prefix 2001:db8:1::/64 to public network. And if provider network router outside OpenStack will be configured to accept these.
interface qg- {
AdvDefaultLifetime 0;
route 2001:db8:1::/64 {
};
};
Cisco accepts it by default AFAIK, linux needs a sysctl net.ipv6.conf.*.accept_ra_rt_info_max_plen set to 64.
Moreover, enabling receiving RA-RIO prefixes in router namespaces allows routers communicate by themselves.
For preventing user from advertising subnets that makes no sense for outside infrastructure, Address Scopes[4] mechanism should be used:
1. Administrator creates an address scope and associate an IPv6 subnet pool with it.
2. Administrator creates Public shared network’s subnet from this subnet pool.
3. Tenant user creates tenant network from this subnet pool and connect it to Public shared network with router
4. OpenStack advertises prefix to the external interface of the router.
[1]: http://specs.openstack.org/openstack/neutron-specs/specs/kilo/ipv6-prefix-delegation.html
[2]: https://bugs.launchpad.net/neutron/+bug/1505316
[3]: https://tools.ietf.org/html/rfc4191
[4]: https://blueprints.launchpad.net/neutron/+spec/address-scopes |
For now, when end user is creating IPv6-enabled tenant network and attaching it to the virtual router, there is only way to set up external infrastructure to put traffic back to the router is using DHCPv6 PD[1], unfortunately, it’s not working at all[2]. Other methods like implementing BGP is still in development.
BTW, in IPv6 Router Advertisements we have an option called Route Information Option[3] to advertise more specific routes from gateway. We could easily append a section like next one to advertise tenant prefix 2001:db8:1::/64 to public network. And if provider network router outside OpenStack will be configured to accept these.
interface qg- {
AdvDefaultLifetime 0;
route 2001:db8:1::/64 {
};
};
Cisco accepts it by default AFAIK, linux needs a sysctl net.ipv6.conf.*.accept_ra_rt_info_max_plen set to 64.
Moreover, enabling receiving prefixes in router namespaces allows routers communicate by themselves.
For preventing user from advertising subnets that makes no sense for outside infrastructure, Address Scopes[4] mechanism should be used:
1. Administrator creates an address scope and associate an IPv6 subnet pool with it.
2. Administrator creates Public shared network’s subnet from this subnet pool.
3. Tenant user creates tenant network from this subnet pool and connect it to Public shared network with router
4. OpenStack advertises prefix to the external interface of the router.
[1]: http://specs.openstack.org/openstack/neutron-specs/specs/kilo/ipv6-prefix-delegation.html
[2]: https://bugs.launchpad.net/neutron/+bug/1505316
[3]: https://tools.ietf.org/html/rfc4191
[4]: https://blueprints.launchpad.net/neutron/+spec/address-scopes |
|
2016-02-11 23:19:26 |
Carl Baldwin |
tags |
ipv6 rfe |
ipv6 l3-ipam-dhcp rfe |
|
2016-03-26 00:41:38 |
Armando Migliaccio |
neutron: status |
Confirmed |
Triaged |
|
2016-03-31 21:37:40 |
Carl Baldwin |
description |
For now, when end user is creating IPv6-enabled tenant network and attaching it to the virtual router, there is only way to set up external infrastructure to put traffic back to the router is using DHCPv6 PD[1], unfortunately, it’s not working at all[2]. Other methods like implementing BGP is still in development.
BTW, in IPv6 Router Advertisements we have an option called Route Information Option[3] to advertise more specific routes from gateway. We could easily append a section like next one to advertise tenant prefix 2001:db8:1::/64 to public network. And if provider network router outside OpenStack will be configured to accept these.
interface qg- {
AdvDefaultLifetime 0;
route 2001:db8:1::/64 {
};
};
Cisco accepts it by default AFAIK, linux needs a sysctl net.ipv6.conf.*.accept_ra_rt_info_max_plen set to 64.
Moreover, enabling receiving prefixes in router namespaces allows routers communicate by themselves.
For preventing user from advertising subnets that makes no sense for outside infrastructure, Address Scopes[4] mechanism should be used:
1. Administrator creates an address scope and associate an IPv6 subnet pool with it.
2. Administrator creates Public shared network’s subnet from this subnet pool.
3. Tenant user creates tenant network from this subnet pool and connect it to Public shared network with router
4. OpenStack advertises prefix to the external interface of the router.
[1]: http://specs.openstack.org/openstack/neutron-specs/specs/kilo/ipv6-prefix-delegation.html
[2]: https://bugs.launchpad.net/neutron/+bug/1505316
[3]: https://tools.ietf.org/html/rfc4191
[4]: https://blueprints.launchpad.net/neutron/+spec/address-scopes |
For now, when end user is creating IPv6-enabled tenant network and attaching it to the virtual router, there are two ways to set up external infrastructure to put traffic back to the router. One is using DHCPv6 PD[1]. BGP is a new option available in Mitaka. Both require configuration of extra external systems (PD server, BGP routers).
In IPv6 Router Advertisements we have an option called Route Information Option[3] to advertise more specific routes from gateway. We could easily append a section like next one to advertise tenant prefix 2001:db8:1::/64 to public network. And if provider network router outside OpenStack will be configured to accept these. This might be considered a lighter weight alternative to PD and BGP for announcing tenant networks. Neighboring routers just need to accept and honor the announcement. Externally accessible addresses would still need to be routed to any border routers manually.
interface qg- {
AdvDefaultLifetime 0;
route 2001:db8:1::/64 {
};
};
Cisco accepts it by default AFAIK, linux needs a sysctl net.ipv6.conf.*.accept_ra_rt_info_max_plen set to 64.
Moreover, enabling receiving prefixes in router namespaces allows routers communicate by themselves.
For preventing user from advertising subnets that makes no sense for outside infrastructure, Address Scopes[4] mechanism should be used:
1. Administrator creates an address scope and associate an IPv6 subnet pool with it.
2. Administrator creates Public shared network’s subnet from this subnet pool.
3. Tenant user creates tenant network from this subnet pool and connect it to Public shared network with router
4. OpenStack advertises prefix to the external interface of the router.
[1]: http://specs.openstack.org/openstack/neutron-specs/specs/kilo/ipv6-prefix-delegation.html
[2]: https://bugs.launchpad.net/neutron/+bug/1505316
[3]: https://tools.ietf.org/html/rfc4191
[4]: https://blueprints.launchpad.net/neutron/+spec/address-scopes |
|
2016-03-31 22:37:46 |
Brian Haley |
bug |
|
|
added subscriber Brian Haley |
2016-04-01 15:42:09 |
Atsuko Ito |
description |
For now, when end user is creating IPv6-enabled tenant network and attaching it to the virtual router, there are two ways to set up external infrastructure to put traffic back to the router. One is using DHCPv6 PD[1]. BGP is a new option available in Mitaka. Both require configuration of extra external systems (PD server, BGP routers).
In IPv6 Router Advertisements we have an option called Route Information Option[3] to advertise more specific routes from gateway. We could easily append a section like next one to advertise tenant prefix 2001:db8:1::/64 to public network. And if provider network router outside OpenStack will be configured to accept these. This might be considered a lighter weight alternative to PD and BGP for announcing tenant networks. Neighboring routers just need to accept and honor the announcement. Externally accessible addresses would still need to be routed to any border routers manually.
interface qg- {
AdvDefaultLifetime 0;
route 2001:db8:1::/64 {
};
};
Cisco accepts it by default AFAIK, linux needs a sysctl net.ipv6.conf.*.accept_ra_rt_info_max_plen set to 64.
Moreover, enabling receiving prefixes in router namespaces allows routers communicate by themselves.
For preventing user from advertising subnets that makes no sense for outside infrastructure, Address Scopes[4] mechanism should be used:
1. Administrator creates an address scope and associate an IPv6 subnet pool with it.
2. Administrator creates Public shared network’s subnet from this subnet pool.
3. Tenant user creates tenant network from this subnet pool and connect it to Public shared network with router
4. OpenStack advertises prefix to the external interface of the router.
[1]: http://specs.openstack.org/openstack/neutron-specs/specs/kilo/ipv6-prefix-delegation.html
[2]: https://bugs.launchpad.net/neutron/+bug/1505316
[3]: https://tools.ietf.org/html/rfc4191
[4]: https://blueprints.launchpad.net/neutron/+spec/address-scopes |
For now, when end user is creating IPv6-enabled tenant network and attaching it to the virtual router, there are two ways to set up external infrastructure to put traffic back to the router. One is using DHCPv6 PD[1]. BGP is a new option available in Mitaka. Both require configuration of extra external systems (PD server, BGP routers).
In IPv6 Router Advertisements we have an option called Route Information Option[2] to advertise more specific routes from gateway. We could easily append a section like next one to advertise tenant prefix 2001:db8:1::/64 to public network. And if provider network router outside OpenStack will be configured to accept these. This might be considered a lighter weight alternative to PD and BGP for announcing tenant networks. Neighboring routers just need to accept and honor the announcement. Externally accessible addresses would still need to be routed to any border routers manually.
interface qg- {
AdvDefaultLifetime 0;
route 2001:db8:1::/64 {
};
};
Cisco accepts it by default AFAIK, linux needs a sysctl net.ipv6.conf.*.accept_ra_rt_info_max_plen set to 64.
Moreover, enabling receiving prefixes in router namespaces allows routers communicate by themselves.
For preventing user from advertising subnets that makes no sense for outside infrastructure, Address Scopes[3] mechanism should be used:
1. Administrator creates an address scope and associate an IPv6 subnet pool with it.
2. Administrator creates Public shared network’s subnet from this subnet pool.
3. Tenant user creates tenant network from this subnet pool and connect it to Public shared network with router
4. OpenStack advertises prefix to the external interface of the router.
[1]: http://specs.openstack.org/openstack/neutron-specs/specs/kilo/ipv6-prefix-delegation.html
[2]: https://tools.ietf.org/html/rfc4191
[3]: https://blueprints.launchpad.net/neutron/+spec/address-scopes |
|
2016-04-26 12:25:14 |
Dr. Jens Harbott |
bug |
|
|
added subscriber Dr. Jens Rosenboom |
2016-05-13 00:34:32 |
Armando Migliaccio |
neutron: status |
Triaged |
Incomplete |
|
2016-07-12 04:17:54 |
Launchpad Janitor |
neutron: status |
Incomplete |
Expired |
|
2021-03-22 05:03:33 |
Greg Retkowski |
bug |
|
|
added subscriber Greg Retkowski |