openstack
/
neutron
Code Issues Proposed changes
neutron/neutron
History
Slawek Kaplonski ac474307d3 [ovs fw] Restrict IPv6 NA and DHCP(v6) IP and MAC source addresses 
Neighbor Advertisments are used to inform other machines of the MAC
address to use to reach an IPv6. This commits prevents VMs from
pretending they are assigned IPv6 they should not use.

It also prevents sending UDP packets with spoofed IP or MAC even using
DHCP(v6) request ports.

Co-authored-by: David Sinquin <david.sinquin@gandi.net>

Closes-bug: #1902917

Change-Id: Iffb6643359562487414460f5a7e19a7fae9f935c
(cherry picked from commit ca7822e210)
 		2021-05-14 14:41:28 +00:00
..
agent [ovs fw] Restrict IPv6 NA and DHCP(v6) IP and MAC source addresses 2021-05-14 14:41:28 +00:00
api DHCP notification optimization 2021-04-23 10:02:14 +00:00
cmd [OVN] Simplify connection creation logic 2021-05-05 00:37:13 +02:00
common Rely on worker count for HashRing caching 2021-05-06 09:07:38 +00:00
conf Add 'keepalived_use_no_track' config option 2020-08-25 07:54:03 +00:00
core_extensions Add "qos_network_policy_id" to port definition 2020-01-17 17:57:11 +00:00
db Merge "Improve Subnet update performance" into stable/ussuri 2021-05-08 11:32:26 +00:00
debug Fix neutron debug probe to use integration_bridge 2020-03-31 11:17:47 +00:00
extensions Merge "Allow sharing of subnet pools via RBAC mechanism" 2020-04-12 17:20:24 +00:00
hacking Allow usage of assert_called_once method in unit tests 2020-03-02 14:17:26 +02:00
ipam IPv6 accepts first address only for routers 2020-01-12 20:39:07 +00:00
locale Imported Translations from Zanata 2020-04-26 07:31:19 +00:00
notifiers Add config option ``http_retries`` 2020-07-09 10:11:22 +00:00
objects Get only FIP ID on network delete 2021-04-22 08:44:02 +00:00
pecan_wsgi Set DB retry for quota_enforcement pecan_wsgi hook 2019-11-08 15:34:17 +04:00
plugins Merge "ovn: Do not set reside-on-redirect-chassis on distributed FIP" into stable/ussuri 2021-05-07 11:59:09 +00:00
privileged Delete HA metadata proxy PID and config with elevated privileges 2021-03-03 09:36:06 +01:00
profiling Add profiler decorator to Neutron 2019-10-31 10:05:01 -05:00
quota Set DB retry for quota_enforcement pecan_wsgi hook 2019-11-08 15:34:17 +04:00
scheduler L3 agent scheduler should return a valid index if manual scheduling 2020-06-26 09:59:27 +00:00
server Re-use existing ProcessLauncher from wsgi in RPC workers 2020-02-07 14:51:06 +01:00
services Merge "designate: allow PTR zone creation to fail" into stable/ussuri 2021-05-07 06:03:30 +00:00
tests [ovs fw] Restrict IPv6 NA and DHCP(v6) IP and MAC source addresses 2021-05-14 14:41:28 +00:00
__init__.py Fix incorrect usage of '# flake8: noqa' 2018-10-29 15:27:50 -04:00
_i18n.py Make code follow log translation guideline 2017-08-14 02:01:48 +00:00
auth.py Use oslo.context class method to construct context object 2017-03-23 09:02:46 +00:00
manager.py Support L3 agent cleanup on shutdown 2019-12-16 17:01:31 -05:00
neutron_plugin_base_v2.py Do not load default service plugins if core plugin is not DB based 2017-11-09 20:34:52 +00:00
opts.py Provide the rpc_response_max_timeout parameter to metadata-agent 2021-05-01 16:08:54 +00:00
policy.py List SG rules which belongs to tenant's SG 2019-11-27 15:45:09 +01:00
service.py Re-use existing ProcessLauncher from wsgi in RPC workers 2020-02-07 14:51:06 +01:00
version.py
worker.py Change process name of neutron-server to match worker role 2019-03-01 14:18:09 -05:00
wsgi.py Re-use existing ProcessLauncher from wsgi in RPC workers 2020-02-07 14:51:06 +01:00