Because neutron sets ipv6 forwarding settings, we stop accepting RAs
from IPv6-only host environments. This leads to a loss of external
connectivity, which is bad for zuul running tests and stuff.
Setting accept_ra to 2 will cause the RAs to be accepted.
Change-Id: Ia044fff2a1731ab6c04f82aea47096b425e0c0a0
... | ... |
@@ -83,6 +83,9 @@ SUBNETPOOL_PREFIX_V6=${SUBNETPOOL_PREFIX_V6:-2001:db8:8000::/48} |
83 | 83 |
SUBNETPOOL_SIZE_V4=${SUBNETPOOL_SIZE_V4:-24} |
84 | 84 |
SUBNETPOOL_SIZE_V6=${SUBNETPOOL_SIZE_V6:-64} |
85 | 85 |
|
86 |
+default_route_dev=$(ip route | grep ^default | awk '{print $5}') |
|
87 |
+die_if_not_set $LINENO default_route_dev "Failure retrieving default route device" |
|
88 |
+ |
|
86 | 89 |
function _determine_config_l3 { |
87 | 90 |
local opts="--config-file $NEUTRON_CONF --config-file $Q_L3_CONF_FILE" |
88 | 91 |
echo "$opts" |
... | ... |
@@ -113,9 +116,7 @@ function _configure_neutron_l3_agent { |
113 | 113 |
_move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" False False "inet6" |
114 | 114 |
fi |
115 | 115 |
else |
116 |
- local default_dev="" |
|
117 |
- default_dev=$(ip route | grep ^default | awk '{print $5}') |
|
118 |
- sudo iptables -t nat -A POSTROUTING -o $default_dev -s $FLOATING_RANGE -j MASQUERADE |
|
116 |
+ sudo iptables -t nat -A POSTROUTING -o $default_route_dev -s $FLOATING_RANGE -j MASQUERADE |
|
119 | 117 |
fi |
120 | 118 |
} |
121 | 119 |
|
... | ... |
@@ -351,6 +352,11 @@ function _neutron_configure_router_v6 { |
351 | 351 |
|
352 | 352 |
# This logic is specific to using the l3-agent for layer 3 |
353 | 353 |
if is_service_enabled q-l3 || is_service_enabled neutron-l3; then |
354 |
+ # Ensure IPv6 RAs are accepted on the interface with the default route. |
|
355 |
+ # This is needed for neutron-based devstack clouds to work in |
|
356 |
+ # IPv6-only clouds in the gate. Please do not remove this without |
|
357 |
+ # talking to folks in Infra. |
|
358 |
+ sudo sysctl -w net.ipv6.conf.$default_route_dev.accept_ra=2 |
|
354 | 359 |
# Ensure IPv6 forwarding is enabled on the host |
355 | 360 |
sudo sysctl -w net.ipv6.conf.all.forwarding=1 |
356 | 361 |
# Configure and enable public bridge |