1. give each HA failover case an independent vrrp_id
2. give each HA port an independent IP address, so the
interface IPs for router HA ports will be:
169.254.192.100 and 169.254.192.101
169.254.192.102 and 169.254.192.103
169.254.192.104 and 169.254.192.105
169.254.192.106 and 169.254.192.107
VIP of each case will be:
169.254.0.10/24
169.254.0.11/24
169.254.0.12/24
169.254.0.13/24
169.254.0.14/24
Closes-Bug: #1819160
Change-Id: I1216d96af40449ec16a852cc1f6c4f15c85f4546
Reduces E128 warnings by ~260 to just ~900,
no way we're getting rid of all of them at once (or ever).
Files under neutron/tests still have a ton of E128 warnings.
Change-Id: I9137150ccf129bf443e33428267cd4bc9c323b54
Co-Authored-By: Akihiro Motoki <amotoki@gmail.com>
Port forwarding floating IPs QoS should be limited under
the binding QoS policy. So this patch extends the l3-agent
fip-qos agent extension floating IP list with the port
forwarding related IPs.
Change-Id: Iddabfabafc0803edd1e4ac0893dc188f1907234a
Closes-Bug: #1796925
This patch enables to bind a QoS policy to the router gateway,
then in L3 agent side SNAT traffic for the VMs without floating
IPs can be limited under the policy bandwidth rules. This is
suit for all kinds of L3 routers: DVR, DVR with SNAT HA, L3 HA
and Legacy.
API update router gateway json:
{
router": {
"external_gateway_info": {
...
"qos_policy_id": "policy-uuid"
}
}
}
Depends-On: https://review.openstack.org/#/c/567497/
Partially-Implements blueprint: router-gateway-ip-qos
Closes-Bug: #1757044
Related-Bug: #1596611
Change-Id: I26e22bce7edd1f93b2ac0048b61b14f858938537
For L3 DVR HA router, the centralized floating IP nat rules are not
installed in every HA node snat namespace. So, install the rules to
all the router snat-namespace on every scheduled HA router host.
Closes-Bug: #1793527
Change-Id: I08132510b3ed374a3f85146498f3624a103873d7
On l3-agent restart, prefix delegation subnets weren't always
inserted into the local router_info cache, leading to a missing
ip6tables rule. Add it when the internal network is configured
if the prefix has already been assigned.
Change-Id: Ic045e2763ba2772bcaf037591821501e84e40878
Closes-bug: #1789403
This patch implements the L3 agent side floating IP rate limit.
For all routers, if floating IP has qos rules, the corresponding
TC filters will be added to:
1. for legacy/HA router, the device is qg-device of qrouter-namespace,
aka router gateway in network node.
2. for dvr (HA) router in compute node, the device is rfp-device, the
namespace is qrouter-namespace.
3. for dvr (HA) router in network node, the device is qg-device in
snat-namespace.
Partially-Implements blueprint: floating-ip-rate-limit
Change-Id: Ie8a5fe4ebaeccfb3998732dd972663c54542b5bf
Commit I9642ed9b513a43c5558f9611f43227299707284a rehomed the
PROVISIONAL_IPV6_PD_PREFIX constant into neutron-lib. This patch
consumes it removing the constant in neutron and using lib's version
of it instead.
NeutronLibImpact
Change-Id: I107cb5e0ff2f3e2c5bb9dc501f420d0be08735a0
This patch makes L3 agent to update its ports' MTU when it's changed on
core plugin side.
Related-Bug: #1671634
Change-Id: I4444da6358e8b8420a3a365e1107b02f5bb1161d
The following enhancements are added:
-- PD keeps track of status of neutron routers: active or
standalone (master), or standby (not master),
-- PD DHCP clients are only spawned in the active router. In the
standby router, PD keeps track of the assigned prefixes, but
doesn't spawn DHCP clients.
-- When switchover occurs, on the router becoming standby, PD
clients are "killed" so that they don't send prefix withdrawals
to the DHCP server. On the router becoming active, PD spawns DHCP
clients with the assigned prefixes configured as hints in the
DHCP client's configuration
Closes-Bug: #1651465
Change-Id: I17df98128c7a88e72e31251687f30f569df6b860
For IPv6, the csnat port list could have multiple
subnets contained in it, but we were only ever
looking at the one associated with the first fixed
IP when trying to match an internal port. Change
to check all subnets on all port combinations
(internal and csnat) before giving up.
Change-Id: I9c0ac933c08734a3f6738a233fdf6021ce9bd375
Closes-bug: #1624515
Remove deprecation warnings for various constants
and exceptions that have moved to neutron_lib.
Fix miscellaneous other deprecations.
Uses constants instead of l3_constants when importing
neutron-lib constants.
Co-Authored By: Henry Gessau <gessau@gmail.com>
Co-Authored By: Gary Kotton <gkotton@vmware.com>
Change-Id: Ib0e8ff5c3e23677c1009241a1818cbc8a3430c38
DvrEdgeRouter.process_address_scope() currently assumes that
snat_iptables_manager was initialized, however this is only done when an
external gateway is added. In case a new DVR+HA router was created
without an external gateway, the l3 agent will raise an exception and
will not create the router correctly. This patch adds a simple check to
make sure that it is defined before it's actually used.
Closes-Bug: #1560945
Change-Id: I677e0837956a6d008a3935d961f078987a07d0c4
RFC4861 allows us to specify the Link MTU using IPv6 RAs.
When advertise_mtu is set in the config, this patch supports
advertising the LinkMTU using Router Advertisements.
Partially Implements: blueprint mtu-selection-and-advertisement
Closes-Bug: #1495444
Change-Id: I50d40cd3b8eabf1899461a80e729d5bd1e727f28
Occurances of Openstack (incorrect capitalization) are replaced with
OpenStack
Change-Id: I7f33060a2dd430cdd49aebf9420e3cd54d21c72c
Closes-Bug: #1535246
RFC6106 standardizes IPv6 Router Advertisements to support
Recursive DNS server information. RDNSS info allows an IPv6
host to configure the DNS information via RA messages without
needing DHCPv6 for the DNS configuration.
This patch configures RADVD daemon to include RDNSS entries in
the Router Advertisements when the IPv6 subnet has dns_nameservers.
Closes-Bug: #1495465
Change-Id: Ia516d40b1c7a83cd7046b2b7f42d1204f44288a9
Now that we have the constant defined, we should reuse it from other
code to avoid potential typos.
Change-Id: Id7a941c1a461264ba44893d97cc6226f092e9888
This patch adds the common framework to be used by specific
implementations of the DHCPv6 protocol for Prefix Delegation.
It also includes a reference implementation based on the Dibbler
DHCPv6 client. Dibbler version 1.0.1 or greater is required.
Sanity tests are included to verify the installed version.
A patch for admin/user documentation is up for review here:
https://review.openstack.org/#/c/178739
Video guides for configuring and using this feature are available on
YouTube:
https://www.youtube.com/watch?v=wI830s881HQhttps://www.youtube.com/watch?v=zfsFyS01Fn0
Co-Authored-By: Baodong (Robert) Li <baoli@cisco.com>
Co-Authored-By: Sam Betts <sam@code-smash.net>
Change-Id: Id94acbbe96c717f68f318b2d715dd9cb9cc7fe4f
Implements: blueprint ipv6-prefix-delegation
Add scope in HA virtual route mode to
represent on link scope route from extra subnet.
Co-Authored-By: Assaf Muller <amuller@redhat.com>
Change-Id: I6ce000a7aa8e4b9e61a35a86d3dc8c0b7beaa3a9
Closes-bug: 1414640
Currently the same dvr router class is used both by the L3 Agent
in the compute nodes that is responsible for the virtual routers
namespace and the fip namespace and also used by the centralized
SNAT L3 Agent in the network node.
This is the first step to decompose the two into different
classes.
The above means that we have one class of DVR router which is used
for two jobs (the virtual router namespace wiring and the fips wiring
in the compute node in one hand and the centralized snat wiring in the other)
The end goal of this patch is to separate the two into different classes
which will also help maintaining it and also help projects that want
to use one but not the other (for example only use the centralized
SNAT behaviour with there own DVR implementation)
Change-Id: I581a097b9e7c49f20d0eb0e4ca66a25e90d9511b
Partial-Bug: #1458541
Partially-Implements: blueprint dvr-router-code-decompose
Rodolfo Alonso Hernandez