OpenStack Networking (Neutron)
Brian Haley d17b1a6abb Fix iptables mapping of 'ipip' protocol
Map 'ipip' to use the string 'ipencap' so the
IptablesFirewallDriver class in neutron works correctly.
Once neutron-lib is bumped this can be removed.

Add tests for IP protocol 'ipip', '4' and '94' to make
sure the IptablesFirewallDriver class in neutron treats
them correctly.

Long description below.

This is one of those confusing edge cases and I think
Linux is conspiring against us. Let me explain.

1) neutron-lib does correctly define the protocol name 'ipip' as 4.

2) The Linux kernel uses the same in in.h:

 IPPROTO_IPIP = 4
 IPPROTO_BEETPH = 94 (?)

3) iptables maps 'ipip' to 94 and 'ipencap' to 4.

 # for num in {0..255}; do iptables -A INPUT -p $num; done
 # iptables-save | grep -E 'ipip|ipencap'
 -A INPUT -p ipencap
 -A INPUT -p ipip

4) /etc/protocols does the same as iptables:

 grep -E 'ipencap|ipip' /etc/protocols
 ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'')
 ipip 94 IPIP # IP-within-IP Encapsulation Protocol

5) getprotoby{name|number} does what /etc/protocols does:

 $ getprotobyname ipip
 struct protoent: (0x7fbbbcca9c60)
   p_name ipip
   p_aliases IPIP
   p_proto 94

 $ getprotobynumber 4
 struct protoent: (0x7fc51ad86be0)
   p_name ipencap
   p_aliases IP-ENCAP
   p_proto 4

Neutron actually builds a mapping based on the getprotoby*
calls, so in the iptables case it winds up doing the wrong
thing.

Partial-bug: #2054324
Change-Id: Icc84b54be07d39059723d6c233c03aa130102423
(cherry picked from commit 793dfb04d0)
2024-03-04 16:18:35 +00:00
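
The mismatch described in the commit message above, as an added example that is not part of the Neutron source: a simplified model of translating a security-group rule protocol into the iptables `-p` value, with and without the 'ipip' to 'ipencap' override. The function names and the `API_NAME_TO_NUM` table are assumptions made for illustration; the protocol lines are the two quoted in the commit message.

```python
# Constructed sample: the two /etc/protocols lines quoted in the commit message.
ETC_PROTOCOLS = """\
ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'')
ipip 94 IPIP # IP-within-IP Encapsulation Protocol
"""
# Assumption: API-side name table; only the 'ipip' = 4 entry comes from the page.
API_NAME_TO_NUM = {"ipip": 4}
# The workaround the commit describes: API name 'ipip' is written as 'ipencap'.
IPTABLES_NAME_OVERRIDE = {"ipip": "ipencap"}

def parse_protocols(text):
    """Return (name->number, number->name) the way getprotoby* would resolve them."""
    by_name, by_num = {}, {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or not fields[1].isdigit():
            continue
        name, num = fields[0], int(fields[1])
        by_name[name] = num
        by_num.setdefault(num, name)
        for alias in fields[2:]:
            by_name.setdefault(alias, num)
    return by_name, by_num

SYS_BY_NAME, SYS_BY_NUM = parse_protocols(ETC_PROTOCOLS)

def iptables_proto_arg(rule_protocol, fixed=True):
    """Translate a rule protocol (API name or number) into the -p value."""
    proto = str(rule_protocol)
    if fixed and proto in IPTABLES_NAME_OVERRIDE:
        return IPTABLES_NAME_OVERRIDE[proto]
    if proto.isdigit():
        # iptables-save prints the system name for a number, e.g. 94 -> ipip
        return SYS_BY_NUM.get(int(proto), proto)
    return proto

def audit(rule_protocol, fixed=True):
    """Return (intended, matched) IP protocol numbers for one rule."""
    proto = str(rule_protocol)
    intended = int(proto) if proto.isdigit() else API_NAME_TO_NUM[proto]
    arg = iptables_proto_arg(proto, fixed)
    matched = int(arg) if arg.isdigit() else SYS_BY_NAME[arg]
    return intended, matched

if __name__ == "__main__":
    for proto, fixed in (("ipip", False), ("ipip", True), ("4", True), ("94", True)):
        print(proto, "fixed" if fixed else "unfixed", audit(proto, fixed))
```

A rule whose intended and matched numbers differ filters a different protocol than the one the API user asked for, which is the case the unfixed 'ipip' path hits.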
api-ref Fix some typos 2016-06-28 22:46:19 +02:00
devstack Remove note about migration from lib/neutron-legacy to lib/neutron 2022-12-20 11:05:05 +01:00
doc Merge "Disallow subnet cidr of :: without PD" into stable/2023.1 2024-02-26 18:56:02 +00:00
etc Add missing osprofiler options 2023-02-28 18:06:17 +09:00
neutron Fix iptables mapping of 'ipip' protocol 2024-03-04 16:18:35 +00:00
playbooks Limit tox version to <4 2022-12-10 20:43:54 +01:00
rally-jobs [ci] Fix several rally task arguments 2020-05-06 14:56:27 +03:00
releasenotes Merge "[OVN] Warn about invalid OVN and FIP PF config during start of Neutron" into stable/2023.1 2024-02-15 10:31:29 +00:00
roles Restore the tempest nftables jobs in experimental and periodic queues 2023-11-07 13:52:13 +00:00
tools [OVN][Migration] Enable settings backup subnet for NFS clients 2023-06-06 17:54:11 +00:00
vagrant/ovn Fix local neutron folder path in ovn/sparse/Vagrantfile 2020-11-03 17:02:34 +01:00
zuul.d Unmaintained-Only: change stable/yoga to unmaintained 2024-02-12 15:07:20 +01:00
.coveragerc Cleanup coverage configuration 2016-10-17 17:06:19 +05:30
.gitignore Ignore reno artefacts (RELEASENOTES.rst and reno.cache) 2023-01-18 04:52:03 +01:00
.gitreview Update .gitreview for stable/2023.1 2023-03-02 11:32:59 +00:00
.mailmap Add mailmap entry 2014-05-16 13:40:04 -04:00
.pylintrc Update .pylintrc 2022-12-12 11:48:41 -05:00
.stestr.conf Fix post gate hook to accommodate for new os-testr 2017-09-12 14:20:12 -06:00
CONTRIBUTING.rst [Community goal] Add contributor and PTL guide 2020-03-03 04:43:26 +01:00
HACKING.rst Follow up for replacing assertItemsEqual 2021-06-03 16:04:07 +00:00
LICENSE Adding Apache Version 2.0 license file. This is the official license agreement under which Quantum code is available to 2011-08-08 12:31:04 -07:00
README.rst Doc: make the contributor guide more visible 2022-07-14 13:08:56 +02:00
TESTING.rst Amend documentation for fullstack tests 2022-12-08 14:29:34 +01:00
bindep.txt Drop vzctl dep from bindep package list 2022-04-12 16:40:09 +05:30
plugin.spec Add OVN migration OSP 16.2 option 2021-01-24 17:18:55 +02:00
requirements.txt Make ``OVNMechanismDriver.post_fork_initialize`` callback cancellable 2024-01-23 09:43:16 +00:00
setup.cfg [OVN] Change oslo config options entry point for the OVN agent 2023-03-07 19:22:44 +01:00
setup.py Updated from global requirements 2017-03-04 11:19:58 +00:00
test-requirements.txt Follow-up: Move linters dependencies to tox.ini 2021-01-07 04:26:07 +09:00
tox.ini [FT] Move ``BaseOVSTestCase`` class to concurrency 1 executor 2023-07-04 00:54:25 +00:00

README.rst

OpenStack Neutron

Neutron is an OpenStack project to provide "network connectivity as a service" between interface devices (e.g., vNICs) managed by other OpenStack services (e.g., Nova).

To learn more about neutron:

If you would like to contribute to Neutron, please read the file CONTRIBUTING.rst or see the Neutron contributor guide:

https://docs.openstack.org/neutron/latest/contributor/contributing.html

Get in touch via email. Use [Neutron] in your subject.