diff --git a/neutron/db/securitygroups_rpc_base.py b/neutron/db/securitygroups_rpc_base.py
index 2eb796ab50c..2f54c897862 100644
--- a/neutron/db/securitygroups_rpc_base.py
+++ b/neutron/db/securitygroups_rpc_base.py
@@ -349,6 +349,9 @@ class SecurityGroupServerRpcMixin(sg_db.SecurityGroupDbMixin):
             if ip_version == 4:
                 # v4 dhcp servers can also talk to broadcast
                 dests.append('255.255.255.255/32')
+            elif ip_version == 6:
+                # v6 dhcp responses can target link-local addresses
+                dests.append('fe80::/64')
             source_port, dest_port, ethertype = DHCP_RULE_PORT[ip_version]
             for dest in dests:
                 dhcp_rule = {'direction': 'ingress',
diff --git a/neutron/tests/unit/agent/test_securitygroups_rpc.py b/neutron/tests/unit/agent/test_securitygroups_rpc.py
index 33ed18c4a8b..1c42999c62d 100644
--- a/neutron/tests/unit/agent/test_securitygroups_rpc.py
+++ b/neutron/tests/unit/agent/test_securitygroups_rpc.py
@@ -87,6 +87,15 @@ def ingress_address_assignment_rules(port):
                       'source_port_range_max': 547,
                       'source_port_range_min': 547,
                       'dest_ip_prefix': '%s/128' % dest})
+    for dest in ['fe80::/64']:
+        rules.append({'direction': 'ingress',
+                      'ethertype': 'IPv6',
+                      'port_range_max': 546,
+                      'port_range_min': 546,
+                      'protocol': 'udp',
+                      'source_port_range_max': 547,
+                      'source_port_range_min': 547,
+                      'dest_ip_prefix': '%s' % dest})
     return rules