yahoo-eng-team team mailing list archive

[Brian Haley <1877301@xxxxxxxxxxxxxxxxxx>]

I think it's done, anything else can be treated as a bug.

** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1877301

Title:
  [RFE] L3 Router support ndp proxy

Status in neutron:
  Fix Released

Bug description:
  As the ipv6 device more and more popularize, we should make our ipv6
  VMs more easily connect to external network,but neutron don't support
  Floating IP and NAT for ipv6. The bgp-dynamic-routing is a optional
  way to make the ipv6 VMs accessed by external network. But the bgp
  configuration is more complex, it depend on the external physical
  router.

  So, I propose a eaiser way to make the ipv6 VMs accessed by external network:
  In openstack l3 router we set 'proxy_ndp' [1] kernal paramer as '1', like this: 'sysctl -w net.ipv6.conf.all.proxy_ndp=1', then we can add proxied address to gateway tap device, like this: 'ip -6 neigh add proxy 2001:400:1234:567:ffff::8 dev qg-733bd76b-62'.
  In external router we just need to add a static direct route, like this: 'ip route add 2001:400:1234:567:ffff::/80 dev fake-gw-port'.
  In this way, the external traffic can accurately forward to proper openstack router and then forward to specify VM.

  We can implement a plugin to support some APIs, these APIs should
  support add a single address proxy entry to router external gateway
  port, in order to that we can control advertise which address to
  external network. And the iptables can be used to break the trafffic
  immediately when user delete a address proxy entry.

  To guarantee the address is unique, the address scope should be
  considered.

  [1] https://www.geeklab.info/2013/05/ipv6-neighbour-proxy/

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1877301/+subscriptions