openstack-manuals

Ensure floating IPs only use IPv4 addresses

Bug #1577289 reported by OpenStack Infra on 2016-05-02

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	openstack-manuals	Fix Released	Medium	Chason Chan

Bug Description

https://review.openstack.org/267891
Dear bug triager. This bug was created since a commit was marked with DOCIMPACT.
Your project "openstack/neutron" is set up so that we directly report the documentation bugs against it. If this needs changing, the docimpact-group option needs to be added for the project. You can ask the OpenStack infra team (#openstack-infra on freenode) for help if you need to.

commit 4858cd7cb97354ae54f8e7d47aeaaddad714c9dd
Author: Dustin Lundquist <email address hidden>
Date: Mon Jul 6 13:53:46 2015 -0700

Ensure floating IPs only use IPv4 addresses

    Description:
    Presently Neutron doesn't validate the address family of floating IP
    addresses or the internal addresses they are associated with. It merely
    associates the first IP of the floating IP's port with the first IP of
    the internal port, unless a specified fixed IP is specified. This can
    lead to incorrect or poorly defined behavior when IPv6 is present.

    The existing L3 agent implementation only manages IPv4 NAT rules. While
    IPv6 NAT and NAT protocol translation are possible, the existing
    implementation does not support these configurations.

    Presently a floating IP can be created on an IPv6 only external network
    or associated with an IPv6 fixed IP, but the L3 agent is unable to bind
    these configurations.

    Implementation:
    When creating and updating a floating IP, only consider IPv4 addresses
    on both the floating IPs port and the internal port he floating IP is
    associated with. Additionally disallow creating floating IPs on networks
    without any IPv4 subnets, since these floating IPs could not be
    allocated an IPv4 address.

DocImpact
APIImpact

    Co-Authored-By: Bradley Jones <email address hidden>
    Change-Id: I79b28a304b38ecdafc17eddc41213df1c24ec202
    Related-Bug: #1437855
    Closes-Bug: #1323766
    Closes-Bug: #1469322
    (cherry picked from commit 4cdc71e7d0e5220a5f12ee2dfea1ff3db045c041)

Tags:

Ryan Moats (rmoats) on 2016-05-02

Changed in neutron:
status:	New → Triaged
importance:	Undecided → Low
assignee:	nobody → Dustin Lundquist (dlundquist)

Revision history for this message

Boden R (boden) wrote on 2017-01-31:

From a neutron perspective I'm not seeing anything needed.

However from an openstack-manuals POV it seems like we should note the IPv4 requirement for floating IPs (e.g. can't create floating IPs on net with no IPv4 subnets, etc. see commit message for more details). When searching the openstack docs I didn't find anything current talking about floating IPs, other than [1] (I think [1] is older).

Moving this over to openstack-manuals in hopes we can find somewhere to mention this requirement for floating IPs.

[1] http://docs.openstack.org/admin-guide/cli-admin-manage-ip-addresses.html

Changed in neutron:
status:	Triaged → New
importance:	Low → Undecided
assignee:	Dustin Lundquist (dlundquist) → nobody
affects:	neutron → openstack-manuals

Revision history for this message

YAMAMOTO Takashi (yamamoto) wrote on 2017-01-31:

please note that there's a neutron plugin which uses ipv6 floating-ip for NAT64 functionality.
(networking-midonet, with fip64 extension.)

Revision history for this message

Alexandra Settle (alexandra-settle) wrote on 2017-02-01:

This is probably best updated in the admin guide:

DESCRIPTION: When creating and updating a floating IP, only consider IPv4 addresses on both the floating IPs port and the internal port he floating IP is associated with. Additionally disallow creating floating IPs on networks without any IPv4 subnets, since these floating IPs could not be allocated an IPv4 address.

Changed in openstack-manuals:
status:	New → Confirmed
importance:	Undecided → Wishlist
tags:	added: admin-guide low-hanging-fruit removed: doc neutron

Revision history for this message

Joseph Robinson (joseph-r-email) wrote on 2017-02-21:

For this bug, we can update the admin guide content now, while being aware that neutron content will most change location to the neutron dev team repository - https://etherpad.openstack.org/p/docs-i18n-ptg-pike-repos.

Changed in openstack-manuals:
importance:	Wishlist → Medium

guoshan (guoshan) on 2017-03-07

Changed in openstack-manuals:
assignee:	nobody → guoshan (guoshan)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-05-04: Fix proposed to openstack-manuals (master)

Fix proposed to branch: master
Review: https://review.openstack.org/462483

Changed in openstack-manuals:
assignee:	guoshan (guoshan) → Chason (chen-xing)
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-05-08: Fix merged to openstack-manuals (master)

Reviewed: https://review.openstack.org/462483
Committed: https://git.openstack.org/cgit/openstack/openstack-manuals/commit/?id=2d7639a577422024336e5fd6740ebe99684029d0
Submitter: Jenkins
Branch: master

commit 2d7639a577422024336e5fd6740ebe99684029d0
Author: chenxing <chen.xing@99cloud.net>
Date: Thu May 4 10:29:27 2017 +0000

[admin-guide] Add content about floating IPs only use IPv4 addresses

Change-Id: I45cdf10f3ce3a57513a4673d03f94bd9951f148a
Closes-Bug: #1577289

Changed in openstack-manuals:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.