virtual machine cannot get DHCP (DHCPv6) lease for IPV6 due to packet has no checksum.
Bug #1811639 reported by
Nikhil Singh
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Slawek Kaplonski |
Bug Description
if virtual machine are using virtio driver and switch vhost_net on,
then virtual machine cannot get DHCPv6 lease because the DHCPv6 packet
has no checksum and the kernel of virtual machine will drop those packet.
So we should fill checksum before we pass the DHCPv6 packet to virtual machine.
Similar bug for IPV4 (https:/
https:/
This functionality need to support for IPV6 as well and should cover both IPV6 stateless and state full address
management cases.
Changed in neutron: | |
status: | New → Triaged |
tags: | added: l3-ipam-dhcp |
Changed in neutron: | |
assignee: | nobody → Bence Romsics (bence-romsics) |
status: | Triaged → In Progress |
Changed in neutron: | |
importance: | Undecided → Medium |
Changed in neutron: | |
assignee: | Bence Romsics (bence-romsics) → Brian Haley (brian-haley) |
Changed in neutron: | |
assignee: | Brian Haley (brian-haley) → Slawek Kaplonski (slaweq) |
tags: | added: pike-backport-potential queens-backport-potential rocky-backport-potential |
To post a comment you must log in.
To my understanding this bug was first observed in a downstream modified (Pike-based) neutron. The following is my best reproduction on upstream master:
# create a network with a v6 subnet in dhcp stateless mode
openstack network create net1
openstack subnet create subnet1 --network net1 --subnet-range 10.0.4.0/24
openstack subnet create subnet1 --network net1 --ip-version 6 --ipv6-ra-mode dhcpv6-stateless --ipv6-address-mode dhcpv6-stateless --subnet-range fda6:dd28:1656::/64
I need a vm in which I could control dhclient, therefore I create an image with root password pre-set and I access it via 'libvirt console' from the compute host after openstack booted it.
openstack image create u1804 --container-format bare --disk-format qcow2 --public --file ~/u1804- with-root- password. img
openstack server create vm0 --flavor ds512M --image u1804 --nic net-id=net1 --wait
# on the compute host openstack/ devstack/ openrc admin admin SRV-ATTR: instance_ name )
source ~/src/os/
sudo virsh console $( openstack server show vm0 -f value -c OS-EXT-
# login with pre-set root password
# trigger v6 dhclient as needed
dhclient -v -6 ens2
The client cannot acquire an address, but it seems we have multiple issues:
root@vm0:~# dhclient -v -6 ens2 /www.isc. org/software/ dhcp/
Internet Systems Consortium DHCP Client 4.3.5
Copyright 2004-2016 Internet Systems Consortium.
All rights reserved.
For info, please visit https:/
Listening on Socket/ens2 3eff:fe4a: e696. 01:23:cf: 43:eb:fa: 16:3e:4a: e6:96
Sending on Socket/ens2
PRC: Soliciting for leases (INIT).
XMT: Forming Solicit, 0 ms elapsed.
XMT: X-- IA_NA 3e:e4:10:e4
XMT: | X-- Request renew in +3600
XMT: | X-- Request rebind in +5400
XMT: Solicit on ens2, interval 1010ms.
RCV: Advertise message on ens2 from fe80::f816:
RCV: X-- Server ID: 00:01:00:
PRC: Lease failed to satisfy.
The first issue is that (likely a configuration error due to my insufficient IPv6 knowledge) the dhcpv6 server thinks there are no v6 addresses available to advertise:
# captured while dhclient was running SRV-ATTR: instance_ name ) | egrep tap | cut -d\' -f2 ) 3eff:fee4: 10e4.546 > ff02::1:2.547: [bad udp cksum 0x44b7 -> 0x2b6b!] dhcp6 solicit (xid=4961ec (client-ID hwaddr/time type 1 time 600786647 fa163ee410e4) (option-request DNS-server DNS-search-list Client-FQDN SNTP-servers) (elapsed-time 0) (IA_NA IAID:1055133924 T1:3600 T2:5400)) 3eff:fe4a: e696.547 > fe80::f816: 3eff:fee4: 10e4.546: [udp sum ok] dhcp6 advertise (xid=4961ec (client-ID hwaddr/time type 1 time 600786647 fa163ee410e4) (server-ID hwaddr/time type 1 time 600785899 fa163e4ae696) (status-code NoAddrsAvail)) 3eff:fee4: 10e4.546 > ff02::1:2.547: [bad udp cksum 0x44b7 -> 0x2afb!] dhcp6 solic...
$ sudo tcpdump -vvv -n -i $( sudo virsh dumpxml $( openstack server show vm0 -f value -c OS-EXT-
tcpdump: listening on tapdead586f-16, link-type EN10MB (Ethernet), capture size 262144 bytes
14:02:39.194410 IP6 (flowlabel 0x449a9, hlim 1, next-header UDP (17) payload length: 64) fe80::f816:
14:02:39.195553 IP6 (class 0xc0, flowlabel 0x27db9, hlim 64, next-header UDP (17) payload length: 76) fe80::f816:
14:02:40.325718 IP6 (flowlabel 0x449a9, hlim 1, next-header UDP (17) payload length: 64) fe80::f816: