Accept IPv6 RAs on the interface with the default route
Because neutron sets ipv6 forwarding settings, we stop accepting RAs
from IPv6-only host environments. This leads to a loss of external
connectivity, which is bad for zuul running tests and stuff.
Setting accept_ra to 2 will cause the RAs to be accepted.
Change-Id: Ia044fff2a1731ab6c04f82aea47096b425e0c0a0
diff --git a/lib/neutron_plugins/services/l3 b/lib/neutron_plugins/services/l3
index a4e7248..6bbac2c 100644
--- a/lib/neutron_plugins/services/l3
+++ b/lib/neutron_plugins/services/l3
@@ -83,6 +83,9 @@
SUBNETPOOL_SIZE_V4=${SUBNETPOOL_SIZE_V4:-24}
SUBNETPOOL_SIZE_V6=${SUBNETPOOL_SIZE_V6:-64}
+default_route_dev=$(ip route | grep ^default | awk '{print $5}')
+die_if_not_set $LINENO default_route_dev "Failure retrieving default route device"
+
function _determine_config_l3 {
local opts="--config-file $NEUTRON_CONF --config-file $Q_L3_CONF_FILE"
echo "$opts"
@@ -113,9 +116,7 @@
_move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" False False "inet6"
fi
else
- local default_dev=""
- default_dev=$(ip route | grep ^default | awk '{print $5}')
- sudo iptables -t nat -A POSTROUTING -o $default_dev -s $FLOATING_RANGE -j MASQUERADE
+ sudo iptables -t nat -A POSTROUTING -o $default_route_dev -s $FLOATING_RANGE -j MASQUERADE
fi
}
@@ -351,6 +352,11 @@
# This logic is specific to using the l3-agent for layer 3
if is_service_enabled q-l3 || is_service_enabled neutron-l3; then
+ # Ensure IPv6 RAs are accepted on the interface with the default route.
+ # This is needed for neutron-based devstack clouds to work in
+ # IPv6-only clouds in the gate. Please do not remove this without
+ # talking to folks in Infra.
+ sudo sysctl -w net.ipv6.conf.$default_route_dev.accept_ra=2
# Ensure IPv6 forwarding is enabled on the host
sudo sysctl -w net.ipv6.conf.all.forwarding=1
# Configure and enable public bridge