Comment 11 for bug 1323766
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to neutron (stable/kilo) | #11 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
513534c
demo site
(Get the code!)
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: stable/kilo
commit 4858cd7cb97354a
Author: Dustin Lundquist <email address hidden>
Date: Mon Jul 6 13:53:46 2015 -0700
Ensure floating IPs only use IPv4 addresses
Description:
Presently Neutron doesn't validate the address family of floating IP
addresses or the internal addresses they are associated with. It merely
associates the first IP of the floating IP's port with the first IP of
the internal port, unless a specified fixed IP is specified. This can
lead to incorrect or poorly defined behavior when IPv6 is present.
The existing L3 agent implementation only manages IPv4 NAT rules. While
IPv6 NAT and NAT protocol translation are possible, the existing
implementation does not support these configurations.
Presently a floating IP can be created on an IPv6 only external network
or associated with an IPv6 fixed IP, but the L3 agent is unable to bind
these configurations.
Implementation:
When creating and updating a floating IP, only consider IPv4 addresses
on both the floating IPs port and the internal port he floating IP is
associated with. Additionally disallow creating floating IPs on networks
without any IPv4 subnets, since these floating IPs could not be
allocated an IPv4 address.
DocImpact
APIImpact
Co-Authored-By: Bradley Jones <email address hidden>
Change-Id: I79b28a304b38ec
Related-Bug: #1437855
Closes-Bug: #1323766
Closes-Bug: #1469322
(cherry picked from commit 4cdc71e7d0e5220