yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #14170
[Bug 1316515] [NEW] DHCPv6 Solicit should be allowed like IPv4
Public bug reported:
DHCPv6 solicit UDP package is currently dropped because there is no
security group rule to allow it like IPv4:
Chain neutron-openvswi-o3bb99c0d-6 (2 references)
target prot opt source destination
RETURN ipv6-icmp anywhere anywhere <- Notice here only ipv6-icmp is allowed
neutron-openvswi-s3bb99c0d-6 all anywhere anywhere
Chain neutron-openvswi-s3bb99c0d-6 (1 references)
target prot opt source destination
RETURN all 2001:2009::5/128 anywhere MAC FA:16:3E:86:60:09
DROP all anywhere anywhere
UDP solicit packet from dhcpv6 client port 546 to server 547 should be allowed so VM can get dhcpv6 reply.
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1316515
Title:
DHCPv6 Solicit should be allowed like IPv4
Status in OpenStack Neutron (virtual network service):
New
Bug description:
DHCPv6 solicit UDP package is currently dropped because there is no
security group rule to allow it like IPv4:
Chain neutron-openvswi-o3bb99c0d-6 (2 references)
target prot opt source destination
RETURN ipv6-icmp anywhere anywhere <- Notice here only ipv6-icmp is allowed
neutron-openvswi-s3bb99c0d-6 all anywhere anywhere
Chain neutron-openvswi-s3bb99c0d-6 (1 references)
target prot opt source destination
RETURN all 2001:2009::5/128 anywhere MAC FA:16:3E:86:60:09
DROP all anywhere anywhere
UDP solicit packet from dhcpv6 client port 546 to server 547 should be allowed so VM can get dhcpv6 reply.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1316515/+subscriptions
Follow ups
References
