← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1316515] [NEW] DHCPv6 Solicit should be allowed like IPv4

 

Public bug reported:

DHCPv6 solicit UDP package is currently dropped because there is no
security group rule to allow it like IPv4:

Chain neutron-openvswi-o3bb99c0d-6 (2 references)
target     prot opt source               destination         
RETURN     ipv6-icmp    anywhere             anywhere                 <- Notice here only ipv6-icmp is allowed
neutron-openvswi-s3bb99c0d-6  all      anywhere             anywhere  

Chain neutron-openvswi-s3bb99c0d-6 (1 references)
target     prot opt source               destination         
RETURN     all      2001:2009::5/128     anywhere            MAC FA:16:3E:86:60:09
DROP       all      anywhere             anywhere   


UDP solicit packet from dhcpv6 client port 546 to server 547 should be allowed so VM can get dhcpv6 reply.

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1316515

Title:
  DHCPv6 Solicit should be allowed like IPv4

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  DHCPv6 solicit UDP package is currently dropped because there is no
  security group rule to allow it like IPv4:

  Chain neutron-openvswi-o3bb99c0d-6 (2 references)
  target     prot opt source               destination         
  RETURN     ipv6-icmp    anywhere             anywhere                 <- Notice here only ipv6-icmp is allowed
  neutron-openvswi-s3bb99c0d-6  all      anywhere             anywhere  

  Chain neutron-openvswi-s3bb99c0d-6 (1 references)
  target     prot opt source               destination         
  RETURN     all      2001:2009::5/128     anywhere            MAC FA:16:3E:86:60:09
  DROP       all      anywhere             anywhere   

  
  UDP solicit packet from dhcpv6 client port 546 to server 547 should be allowed so VM can get dhcpv6 reply.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1316515/+subscriptions


Follow ups

References