Commit Graph

29 Commits (0634dcc6d0f08c18c69a2c360a2c5c0581ec7bb6)

Author SHA1 Message Date
Rodolfo Alonso Hernandez ddd5832323 Remove "six" library
Last step to remove "six" library usage in Neutron.

Change-Id: Idd42e0c51c8c3bd598c9cf91602596be238bccae
3 years ago
LIU Yulong c69a87405a Give some HA router case specific resources
1. give each HA failover case an independent vrrp_id
2. give each HA port an independent IP address, so the
interface IPs for router HA ports will be: and and and and
VIP of each case will be:

Closes-Bug: #1819160
Change-Id: I1216d96af40449ec16a852cc1f6c4f15c85f4546
4 years ago
Brian Haley eaf990b2bc Fix pep8 E128 warnings in non-test code
Reduces E128 warnings by ~260 to just ~900,
no way we're getting rid of all of them at once (or ever).
Files under neutron/tests still have a ton of E128 warnings.

Change-Id: I9137150ccf129bf443e33428267cd4bc9c323b54
Co-Authored-By: Akihiro Motoki <>
4 years ago
LIU Yulong e108ac6bdf Add port forwarding floating IP QoS
Port forwarding floating IPs QoS should be limited under
the binding QoS policy. So this patch extends the l3-agent
fip-qos agent extension floating IP list with the port
forwarding related IPs.

Change-Id: Iddabfabafc0803edd1e4ac0893dc188f1907234a
Closes-Bug: #1796925
4 years ago
LIU Yulong 00bf365025 [L3][QoS] Neutron server side router gateway IP QoS
This patch enables to bind a QoS policy to the router gateway,
then in L3 agent side SNAT traffic for the VMs without floating
IPs can be limited under the policy bandwidth rules. This is
suit for all kinds of L3 routers: DVR, DVR with SNAT HA, L3 HA
and Legacy.

API update router gateway json:
router": {
  "external_gateway_info": {
    "qos_policy_id": "policy-uuid"


Partially-Implements blueprint: router-gateway-ip-qos
Closes-Bug: #1757044
Related-Bug: #1596611
Change-Id: I26e22bce7edd1f93b2ac0048b61b14f858938537
5 years ago
LIU Yulong ee7660f593 Install centralized floating IP nat rules to all ha nodes
For L3 DVR HA router, the centralized floating IP nat rules are not
installed in every HA node snat namespace. So, install the rules to
all the router snat-namespace on every scheduled HA router host.

Closes-Bug: #1793527
Change-Id: I08132510b3ed374a3f85146498f3624a103873d7
5 years ago
Brian Haley d19dcf1ef2 Fix IPv6 prefix delegation issue on agent restart
On l3-agent restart, prefix delegation subnets weren't always
inserted into the local router_info cache, leading to a missing
ip6tables rule.  Add it when the internal network is configured
if the prefix has already been assigned.

Change-Id: Ic045e2763ba2772bcaf037591821501e84e40878
Closes-bug: #1789403
5 years ago
Hongbin Lu 46913a69fd Use constant IP_VERSION_4/6 in functional tests
Change-Id: I62b5a37508838a42b03a39de02660b8cafc08c41
5 years ago
Brian Haley 7cfdf4aa81 Fix all pep8 E129 errors
Fixed all pep8 E129 errors and changed tox.ini to no longer
ignore them.

Change-Id: I0b06d99ce1d473b79a4cfdd173baa4f02e653847
5 years ago
LIU Yulong d0aaae2800 [L3][QoS] L3 agent side Floating IP rate limit
This patch implements the L3 agent side floating IP rate limit.
For all routers, if floating IP has qos rules, the corresponding
TC filters will be added to:
1. for legacy/HA router, the device is qg-device of qrouter-namespace,
   aka router gateway in network node.
2. for dvr (HA) router in compute node, the device is rfp-device, the
   namespace is qrouter-namespace.
3. for dvr (HA) router in network node, the device is qg-device in

Partially-Implements blueprint: floating-ip-rate-limit

Change-Id: Ie8a5fe4ebaeccfb3998732dd972663c54542b5bf
6 years ago
Boden R 502e99bca9 use PROVISIONAL_IPV6_PD_PREFIX from neutron-lib
Commit I9642ed9b513a43c5558f9611f43227299707284a rehomed the
PROVISIONAL_IPV6_PD_PREFIX constant into neutron-lib. This patch
consumes it removing the constant in neutron and using lib's version
of it instead.


Change-Id: I107cb5e0ff2f3e2c5bb9dc501f420d0be08735a0
6 years ago
Ihar Hrachyshka cc69828ff0 Apply network MTU changes to l3 ports
This patch makes L3 agent to update its ports' MTU when it's changed on
core plugin side.

Related-Bug: #1671634
Change-Id: I4444da6358e8b8420a3a365e1107b02f5bb1161d
6 years ago
Robert Li bb3c0e8285 Add PD support in HA router
The following enhancements are added:
  -- PD keeps track of status of neutron routers: active or
     standalone (master), or standby (not master),
  -- PD DHCP clients are only spawned in the active router. In the
     standby router, PD keeps track of the assigned prefixes, but
     doesn't spawn DHCP clients.
  -- When switchover occurs, on the router becoming standby, PD
     clients are "killed" so that they don't send prefix withdrawals
     to the DHCP server. On the router becoming active, PD spawns DHCP
     clients with the assigned prefixes configured as hints in the
     DHCP client's configuration

Closes-Bug: #1651465
Change-Id: I17df98128c7a88e72e31251687f30f569df6b860
6 years ago
Brian Haley 0629129c03 DVR: Look at all SNAT ports for a subnet match
For IPv6, the csnat port list could have multiple
subnets contained in it, but we were only ever
looking at the one associated with the first fixed
IP when trying to match an internal port.  Change
to check all subnets on all port combinations
(internal and csnat) before giving up.

Change-Id: I9c0ac933c08734a3f6738a233fdf6021ce9bd375
Closes-bug: #1624515
6 years ago
Gary Kotton 9f09f27c5d Fix deprecation warnings
Remove deprecation warnings for various constants
and exceptions that have moved to neutron_lib.

Fix miscellaneous other deprecations.

Uses constants instead of l3_constants when importing
neutron-lib constants.

Co-Authored By: Henry Gessau <>
Co-Authored By: Gary Kotton <>

Change-Id: Ib0e8ff5c3e23677c1009241a1818cbc8a3430c38
7 years ago
Henry Gessau 4148a347b3 Use constants from neutron-lib
With this we enable the deprecation warnings by default.

Related-Blueprint: neutron-lib

Change-Id: I5b9e53751dd164010e5bbeb15f534ac0fe2a5105
7 years ago
John Schwarz a8b6067115 Fix reference to uninitialized iptables manager
DvrEdgeRouter.process_address_scope() currently assumes that
snat_iptables_manager was initialized, however this is only done when an
external gateway is added. In case a new DVR+HA router was created
without an external gateway, the l3 agent will raise an exception and
will not create the router correctly. This patch adds a simple check to
make sure that it is defined before it's actually used.

Closes-Bug: #1560945
Change-Id: I677e0837956a6d008a3935d961f078987a07d0c4
7 years ago
Jenkins 5d3fd438b7 Merge "Support MTU advertisement using IPv6 RAs" 7 years ago
sridhargaddam 47713f5870 Support MTU advertisement using IPv6 RAs
RFC4861 allows us to specify the Link MTU using IPv6 RAs.
When advertise_mtu is set in the config, this patch supports
advertising the LinkMTU using Router Advertisements.

Partially Implements: blueprint mtu-selection-and-advertisement
Closes-Bug: #1495444
Change-Id: I50d40cd3b8eabf1899461a80e729d5bd1e727f28
7 years ago
Jenkins fe55ae8a21 Merge "Fixes typos Openstack -> OpenStack" 7 years ago
Bhagyashri Shewale 88e899f7a0 Fix module's import order
Made corrections in import order for built-in, third party and
project specific modules as per OpenStack import standards [1].


Change-Id: I899deefd6ee4732d6c0afd17a5afbe42b0fa37ba
7 years ago
Emma Foley dcf6ffe185 Fixes typos Openstack -> OpenStack
Occurances of Openstack (incorrect capitalization) are replaced with

Change-Id: I7f33060a2dd430cdd49aebf9420e3cd54d21c72c
Closes-Bug: #1535246
7 years ago
Jenkins 7869954dd3 Merge "Support for IPv6 RDNSS Option in Router Advts" 8 years ago
sridhargaddam a3e102934c Support for IPv6 RDNSS Option in Router Advts
RFC6106 standardizes IPv6 Router Advertisements to support
Recursive DNS server information. RDNSS info allows an IPv6
host to configure the DNS information via RA messages without
needing DHCPv6 for the DNS configuration.

This patch configures RADVD daemon to include RDNSS entries in
the Router Advertisements when the IPv6 subnet has dns_nameservers.

Closes-Bug: #1495465
Change-Id: Ia516d40b1c7a83cd7046b2b7f42d1204f44288a9
8 years ago
Gary Kotton 50be190b68 Use DEVICE_OWNER_* for 'network:*' constants
Now that we have the constant defined, we should reuse it from other
code to avoid potential typos.

Change-Id: Id7a941c1a461264ba44893d97cc6226f092e9888
8 years ago
John Davidge 4b329c345c L3 agent changes and reference implementation for IPv6 PD
This patch adds the common framework to be used by specific
implementations of the DHCPv6 protocol for Prefix Delegation.

It also includes a reference implementation based on the Dibbler
DHCPv6 client. Dibbler version 1.0.1 or greater is required.
Sanity tests are included to verify the installed version.

A patch for admin/user documentation is up for review here:

Video guides for configuring and using this feature are available on

Co-Authored-By: Baodong (Robert) Li <>
Co-Authored-By: Sam Betts <>

Change-Id: Id94acbbe96c717f68f318b2d715dd9cb9cc7fe4f
Implements: blueprint ipv6-prefix-delegation
8 years ago
gong yong sheng 3b0fe59745 Add extra subnet route to ha router
Add scope in HA virtual route mode to
represent on link scope route from extra subnet.

Co-Authored-By: Assaf Muller <>

Change-Id: I6ce000a7aa8e4b9e61a35a86d3dc8c0b7beaa3a9
Closes-bug: 1414640
8 years ago
ChangBo Guo(gcb) c3d65a0ed9 Switch to oslo_utils.uuidutils
Get rid of oslo-incubator uuidutils

Closes-Bug: #1467020
Depends-On: I2df519965883b05d5d58cdc4785c850b0685dc2c
Depends-On: I9f8e98ad9517864a9ffdacf01c0a9a5aab554edb
Depends-On: Ied0faac809a5b72b1cd466c8babc9ca5418692c3
Change-Id: Iebe491b981b4b7c02785412fadd27678bb5e47de
8 years ago
Gal Sagie 35654ec23e Decompose DVR CSNAT L3 Agent from Compute Node L3 Agent
Currently the same dvr router class is used both by the L3 Agent
in the compute nodes that is responsible for the virtual routers
namespace and the fip namespace and also used by the centralized
SNAT L3 Agent in the network node.
This is the first step to decompose the two into different

The above means that we have one class of DVR router which is used
for two jobs (the virtual router namespace wiring and the fips wiring
in the compute node in one hand and the centralized snat wiring in the other)
The end goal of this patch is to separate the two into different classes
which will also help maintaining it and also help projects that want
to use one but not the other (for example only use the centralized
SNAT behaviour with there own DVR implementation)

Change-Id: I581a097b9e7c49f20d0eb0e4ca66a25e90d9511b
Partial-Bug: #1458541
Partially-Implements: blueprint dvr-router-code-decompose
8 years ago