Revision history [back]

First of all, it seems that you are overlaying your tenant data network on top of your management network since you seemed to be using the same prefix (what are the xxxx:xxxx in the prefix?) for both networks. Assuming that's the case, and that you are using ovs plugin, and you know what your physical interface is on each of the nodes that is connected to your physical network, this is what I think you should do to make it work:

Your Solution 1: -- configure each compute node so that the ipv6 address is configured on the br-int interface (supposedly that's the integration bridge used with the ovs plugin). -- adding your physical interface to br-int -- create a tenant network instead (does not need to be external, but could be shared) and a subnet with that prefix. -- depending on if you are running RA in your physical network. If you are not, then you need to configure a default route after logging into your instance, pointing to your router that is running on the same physical network. If you are, you want to make sure when you create your tenant subnet, the gw address should be the LLA of your upstream router. -- boot your instance with --nic net-id <your tenant="" network="">

The above setup doesn't require a network node. If you use a network node, you'd use your Solution 3. But you need to setup your physical network on that node so that l3 routing is configured properly. Without knowing your physical network, but suppose you have a physical interface on your network node that is connected with your upstream router, one way to achieve that is you'd need a separate prefix for your tenant subnet. In this case, the network node itself is used as a router with a physical interface connected to your upstream router. -- configure your upstream router to route your tenant subnet prefix to the physical interface on the network node -- enable ipv6 forwarding on your network node -- on your network node, you'd have a br-ex bridge. Your neutron router has the external gw port connected to br-ex. -- on your network node, create a route for your tenant prefix so that it's next hop is the neutron router's external gw port. -- configure ipv6_gateway to be br-ex's LLA address for neutron l3 service before launching it

Hopefully the above description is clear enough to provide some help. The bottom line is that your tenant's virtual network needs to be hooked up properly with the physical network. And the above are just two possible ways to achieve that.