neutron-cli port-update ipv6 fixed_ips Covering previous

Can you list all the commands you are running here so I can better understand the issue? Also, have you tried this against code in the master neutron branch?

From what you're describing you're setting the IP of a port on subnet A with the IP address of something on subnet B, which doesn't seem correct. And it seems like when you use the openstack client things work?

Hello Brian, my version of openstack is Branch: statble-rocky

I create an IPv6 network ipv6_net which there are two subnets A:2010:1111:2222:3:/64 and B:2011:4444:5555:6:/64
[root@ ~]# openstack network show ipv6_network
+---------------------------+----------------------------------------------------------------------------+
| Field | Value |
+---------------------------+----------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | nova |
| availability_zones | nova |
| created_at | 2019-06-05T09:08:27Z |
| description | |
| dns_domain | None |
| id | 47da9430-d385-4369-ae8b-4fc2b8443fff |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | None |
| is_vlan_transparent | None |
| mtu | 1450 |
| name | ipv6_network |
| port_security_enabled | True |
| project_id | 5010e5f5083140e8a9e98922623d0218 |
| provider:network_type | vxlan |
| provider:physical_network | None |
| provider:segmentation_id | 1099 |
| qos_policy_id | None |
| revision_number | 4 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | 23366735-3f85-45cb-8320-f05048cba3ef, aa4f1fe4-bd77-468e-b...

Thanks for the additional information.

Looking at your API calls and the underlying code, I think things are working as intended, but with the nature of allowing a single port to have multiple IPv6 subnets it maybe is causing some unexpected behavior. Let me first explain what is happening.

Your second call to update the port is:

$ neutron port-update --fixed-ip subnet_id=7266ece7-c515-4bbe-90ff-f7cfd5d52826,ip_address=2011:4444:5555:6::9 444a8244-264b-412f-b0e7-c69472cc799c

This is going to release the existing IP allocation and replace it with this one for the second subnet, it will not merge the two together.

The API reference mentions this:

https://developer.openstack.org/api-ref/network/v2/index.html?expanded=update-port-detail#ports

You can update information for a port, such as its symbolic name and associated IPs. When you update IPs for a port, any previously associated IPs are removed, returned to the respective subnet allocation pools, and replaced by the IPs in the request body. Therefore, this operation replaces the fixed_ip attribute when you specify it in the request body. If the updated IP addresses are not valid or are already in use, the operation fails and the existing IP addresses are not removed from the port.

The openstack client call seems similar:

$ openstack port set --fixed-ip subnet=ipv6_subnet_A,ip-address=2010:1111:2222:3::9 444a8244-264b-412f-b0e7-c69472cc799c

But I think this is actually going to get the current port attributes, then append the new ones, doing the right thing. That seems to be what you are seeing.

So this is maybe more of a documentation issue - what are the commands to run to get two IPv6 subnets attached to a router with custom fixed IP addresses? Let me look in the docs to see if we already have this somewhere, otherwise I think if you stay with just using the openstackclient you might avoid the issue?

Brian's followup in #3 is correct.

'neutron' CLI just replaces an existing value of fixed_ips with specified information. If a previous IP address is not specified in the command line, the previous IP address will be released and only specified IP address(es) will be assigned.

On the other hand, 'openstack' CLI is designed in more user-friendly way and it supports add/remove operations for a list-type attribute like fixed_ips. The help message of OSC port set command says as follows:

  --fixed-ip subnet=<subnet>,ip-address=<ip-address>
                        Desired IP and/or subnet for this port (name or ID):
                        subnet=<subnet>,ip-address=<ip-address> (repeat option
                        to set multiple fixed IP addresses)
  --no-fixed-ip Clear existing information of fixed IP
                        addresses.Specify both --fixed-ip and --no-fixed-ip to
                        overwrite the current fixed IP addresses.

My current suggestion is to use 'openstack' CLI instead. The upstream development team considers 'openstack' CLI as the first priority (over 'neutron' CLI) now.

P.S.

If you would like to check what actually happens in the API level, you can use '--debug' option like:

  neutron --debug port-update ....
  openstack --debug port set .....

This sometimes helps you understand what happens under the table.