Bug 1673303
| Summary: | Prevent setting ipv6 gw on a non default-route-role network | ||
|---|---|---|---|
| Product: | [oVirt] ovirt-engine | Reporter: | Michael Burman <mburman> |
| Component: | BLL.Network | Assignee: | eraviv |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Michael Burman <mburman> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.3.0 | CC: | bugs, danken, dholler, emarcus, eraviv, mburman, rdlugyhe |
| Target Milestone: | ovirt-4.3.1 | Flags: | rule-engine:
ovirt-4.3+
|
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | ovirt-engine-4.3.1.1 | Doc Type: | Enhancement |
| Doc Text: |
In this release, the IPv6 default route of a host is managed by restricting the IPv6 default gateways so that there is only one such gateway for all host interfaces.
Note that:
1. When the default route role is moved away from a network, its IPv6 gateway is automatically removed from the corresponding interface.
2. After moving the default route role to a new network, you should set a static IPv6 gateway on this network.
3. If the host and Red Hat Virtualization Manager are not on the same subnet, the Manager will lose connectivity with the host on moving the default route role between networks (see note 1). You should take precautions to avoid this scenario.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-03-01 10:20:17 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | Network | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Michael Burman
2019-02-07 10:23:46 UTC
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release. As agreed with QE, when the default route role is moved to a new network, there is an alert in the events tab and engine.log that the ipv6 gateway of the old default route role is being removed. Michael, pls ack, thanks (In reply to eraviv from comment #2) > As agreed with QE, when the default route role is moved to a new network, > there is an alert in the events tab and engine.log that the ipv6 gateway of > the old default route role is being removed. > Michael, pls ack, thanks ack Just want to make it more clear: 1. Via setup networks - attaching a IPv6 network with a default route role without setting the DG is blocked and doesn't allowed. 2. We don't block the option to change network's default route role while not attached to the host and assign it with this role, then the DG will be removed from the origin network and event log will allert the admin/user. - I'm not sure that the current event is clear enough, - What will happen if setting the default route role back on the otigin/old network? will the GW return? In reply to comment #3: 1. "Via setup networks - attaching a IPv6 network with a default route role without setting the DG is blocked and doesn't allowed." - no. this flow is handled by BZ1670341 and not related to this bug. in this bug we prevent setting an ipv6 gw on an attachment which is not the default route role 2. -> on moving default route role between networks: a. if source network is attached to a nic - its ipv6 gw will be removed from that nic (+ alert in log and events tab) - assuming a static config. if config is dynamic the host might put it back automatically. we do not support handling this case currently. b. the alert for the above is: "On cluster ${ClusterName} the 'Default Route Role' network is no longer network ${NetworkName}. The IPv6 gateway is being removed from this network." pls LMK if you want a change. c. if returning the default route role to the old network - the ipv6 gw cannot be returned because it no longer exists. it needs to be re-configured manually. d. if destination network is attached to a nic - it will become out of sync because there is no ipv6 gw on that nic (assuming a static config) e. engine does not block moving default route role between networks in any case - attached or not. 1. ack 2.a. if config is dynamic and gw may return, it means we may end up with 2 ipv6 gw? 2.b. ack 2.c. if returning the default route role to the old network - the ipv6 gw cannot be returned because it no longer exists. it needs to be re-configured manually. - this will result as out-of-sync? what if source was dynamic, DG can't be returned? 2.d. why out-of-sync? if i'm attaching the destination network as the default route + setting ipv6 gw the network must be in sync. this shouldn't end up as out-of-sync is setting the ipv6 gw on the network attachment. 2.e. ack 2a. as agreed we do not support dynamic ipv6 for now, but yes, this is what will happen on the interface side (but not on the attachment side) 2c. same - not supported but it will happen as above 2d. if setting ipv6 gw at the same time you attach the default route network via the setup networks - the nic will be in sync. but if you move the default route role via the Cluster>Manager Networks dialog, you will need to then go to setup networks and reconfigure the gw Dan, can you please ack my doc text? tnx I'm fine with the text (despite its apparent complexity). I don't know why bugzilla has set requires_doc_text+; it used to be the responsibility of a the human doc writer. Verified on - 4.3.1.1-0.1.el7 This bugzilla is included in oVirt 4.3.1 release, published on February 28th 2019. Since the problem described in this bug report should be resolved in oVirt 4.3.1 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report. maybe add "corresponding" as below: 1. When the default route role is moved away from a network, its ipv6 gateway is automatically removed from the corresponding interface. rest is ok |