Ask Your Question
0

Neighbor Discovery Problems with Nova-Network and IPv6 (Havana)

asked 2014-07-24 10:02:10 -0500

hrzbrg gravatar image

Hi,

I want to run Havana with Nova-Network and IPv6. The only valid resource I found for a multi-host setup is from Cybera. You can already see some comments below the post, but I want to reach out to more people.

My compute nodes have the flat_interface = eth2 and the flat_network_bridge = br100. The eth2 interface has no v4/v6 address and accept_ra = 0 and v6 forwarding = 0. The br100 (at the moment still a linux bridge) configures itself via SLAAC from a router that serves router advertisements to the network.

With nova-manage I created a network and pointed the gateway_v6 to my router. I worked around radvd with a simple "exit 0" executable file, just as mentioned in the above blog post.

Spawned instances get their v6 address and I can verify that they receive router advertisements and have a default route pointing to the link local address of the router. I created security groups with ::/0 to allow ICMP and SSH. On the compute node that hosts the instance I can access it over v6. But now the problems start and I tcpdumped a lot:

Ping from Router --> Instance: Neighbor Solicitation arrives on Instance. Instance sends Neighbor Advertisement back to Router [Flags: solicited, override], but the Router never gets it.

Ping from Instance --> Router: Neighbor Solicitation arrives on Router. Router sends NA back to Instance [Flags: router, solicited, override] but it does not arrive at the Instance. Destination unreachable: Address unreachable

Ping from Instance --> google.com : On the Router I can see the requests going out and the replys coming in but the Instance is reporting a Destination unreachable.

Ping from v6 connected VM at Cybera --> Instance: On the Router I can see incoming traffic, but it is not reaching the Instance.

I googled a lot and stumbled over several suggestions including:

  • setting multicast_snooping=0 on br100
  • setting multicast_router=2 for the eth2 port in br100
  • setting proxy_ndp on/off on br100

None of it really solved it. At the moment I am stumbling in the dark because I don't know who is eating the Neighbor Advertisements.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-07-29 06:51:16 -0500

hrzbrg gravatar image

Since this was a testlab, the installation was in VirtualBox. After moving to vagrant-libvirt and starting the OpenStack boxes with kvm, the problem did not occur. So the problem seems to be in VirtualBox. It is not solved but circumvented for me.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-07-24 10:02:10 -0500

Seen: 518 times

Last updated: Jul 29 '14