Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1191247

Summary: [RFE] make use of DAD in rgmanager IPv6 for duplicate check
Product: Red Hat Enterprise Linux 6 Reporter: Cedric Buissart <cbuissar>
Component: resource-agentsAssignee: Oyvind Albrigtsen <oalbrigt>
Status: CLOSED ERRATA QA Contact: cluster-qe <cluster-qe>
Severity: high Docs Contact:
Priority: high    
Version: 6.8CC: agk, cluster-maint, jruemker, mnovacek, sauchter, tbowling, tlavigne
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: resource-agents-3.9.5-26.el6 Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
: 1276698 (view as bug list) Environment:
Last Closed: 2016-05-10 19:13:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1172231, 1271835, 1276698, 1276699    
Attachments:
Description Flags
Working patch none

Description Cedric Buissart 2015-02-10 20:14:04 UTC 
Description :

Currently, rgmanager's ipv6 resource does a duplicate check via a ping that lasts 2 seconds.

However, IPv6 comes with a built-in duplicate address detection (DAD), which starts automatically when the address is set.

The idea of the RFE would be to replace the 2 second check by an efficient use of DAD.

Benefits :
- if the ping does not correctly find out the existence of a dupicate (e.g. ping reply disable), the resource will start successfully, but the address will remain unusable until the duplicate disapears. Thus, in theory, relying on IPv6's own DAD should be safer
- the ping can be removed, the resource will gain 2 seconds of start up time (note: even in present state, we need for DAD to finish before using the send_ua helper)
- DAD can be tuned as user's will via procfs


Additional info:

The idea would be to replace the ping by this kind of algorithm :

ip address address
while IP has tag 'tentative' ; do sleep ; done
if IP does not exist ; 
  exit FAIL
fi
if IP has tag 'dadfailed' 
   ip address remove
   exit FAIL
fi
send_ua
Comment 3 Cedric Buissart 2015-03-06 21:09:41 UTC 
Hi David,

This seems to work fine so far :

https://github.com/cedricbu/resource-agents/blob/cedric_rgmanager_ipv6_dad/rgmanager/src/resources/ip.sh

I removed the ping. Upon adding the address, the code waits until DAD is done. It will remove the IPv6 address if there is a duplicate found, otherwise it will go one with send_ua.

Any chance we will include this ? or it is too much changes for too little gain ?

Note : in the current state, there is still the possibility that the address already exists somewhere but does not answer to ping. In that case, the duplicate wont be detected and the resource will probably successfully start, but the address will not work.

Cedric
Comment 6 Oyvind Albrigtsen 2015-10-15 14:04:29 UTC 
Created attachment 1083270 [details]
Working patch
Comment 7 Oyvind Albrigtsen 2015-10-15 14:06:45 UTC 
Tested with working IPv6-address, and with IPv6-address that collided with an existing one, and it worked as expected.

The working patch has been attached.
Comment 8 Oyvind Albrigtsen 2015-10-28 14:35:36 UTC 
After upgrade it doesnt Ping, so the Pinging line isnt shown there, and DAD is added to the "address collision" line

Before:
# rpm -q resource-agents
resource-agents-3.9.5-24.el6.x86_64

# tail -f /var/log/cluster/rgmanager.log
Oct 28 15:21:39 rgmanager Starting disabled service service:ip
Oct 28 15:21:39 rgmanager [ip] Link for eth0: Detected
Oct 28 15:21:39 rgmanager [ip] Adding IPv6 address XXXX:40:15:7::10/64 to eth0
Oct 28 15:21:39 rgmanager [ip] Pinging addr XXXX:40:15:7::10 from dev eth0
Oct 28 15:21:39 rgmanager [ip] IPv6 address collision  XXXX:40:15:7::10
Oct 28 15:21:39 rgmanager start on ip "XXXX:40:15:7::10/64" returned 1 (generic error)
Oct 28 15:21:39 rgmanager #68: Failed to start service:ip; return value: 1
Oct 28 15:21:39 rgmanager Stopping failed service service:ip

After:
# rpm -q resource-agents
resource-agents-3.9.5-26.el6.x86_64

# tail -f /var/log/cluster/rgmanager.log
Oct 28 15:24:13 rgmanager Starting disabled service service:ip
Oct 28 15:24:13 rgmanager [ip] Link for eth0: Detected
Oct 28 15:24:13 rgmanager [ip] Adding IPv6 address XXXX:40:15:7::10/64 to eth0
Oct 28 15:24:14 rgmanager [ip] IPv6 address collision XXXX:40:15:7::10 [DAD]
Oct 28 15:24:14 rgmanager start on ip "XXXX:40:15:7::10/64" returned 1 (generic error)
Oct 28 15:24:14 rgmanager #68: Failed to start service:ip; return value: 1
Oct 28 15:24:14 rgmanager Stopping failed service service:ip
Comment 10 michal novacek 2016-03-30 09:15:31 UTC 
I have verified that duplicate ipv6 address is correctly recognized using DAD
instead of ping in resource-agents-3.9.5-34.el6.x86_64

----

# ping6 -c 2 2620:52:0:2246:1800:ff:fe00:93
PING 2620:52:0:2246:1800:ff:fe00:93(2620:52:0:2246:1800:ff:fe00:93) 56 data bytes
64 bytes from 2620:52:0:2246:1800:ff:fe00:93: icmp_seq=1 ttl=64 time=0.352 ms
64 bytes from 2620:52:0:2246:1800:ff:fe00:93: icmp_seq=2 ttl=64 time=0.522 ms

--- 2620:52:0:2246:1800:ff:fe00:93 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1925ms
rtt min/avg/max/mdev = 0.352/0.437/0.522/0.085 ms

# ccs -h virt-146 --lsnodes
virt-146.cluster-qe.lab.eng.brq.redhat.com: votes=1, nodeid=1
virt-147.cluster-qe.lab.eng.brq.redhat.com: votes=1, nodeid=2

# ccs -h virt-146 --addresource ip address=2620:52:0:2246:1800:ff:fe00:93/64
# ccs -h virt-146 --addservice group-ip
# ccs -h virt-146 --addsubservice group-ip ip ref=2620:52:0:2246:1800:ff:fe00:93/64

# ccs -h virt-146 --lsservices
service: name=group-ip, autostart=0
  ip: ref=2620:52:0:2246:1800:ff:fe00:93/64
resources:
  ip: address=2620:52:0:2246:1800:ff:fe00:93/64

before patch: resource-agents-3.9.5-24.el6.x86_64
=================================================
virt-146# clusvcadm -e group-ip
Local machine trying to enable service:group-ip...Failure

virt-146# tail /var/log/cluster/rgmanager.log
...
Mar 30 10:58:31 rgmanager Starting stopped service service:group-ip
Mar 30 10:58:31 rgmanager [ip] Link for eth0: Detected
Mar 30 10:58:32 rgmanager [ip] Adding IPv6 address 2620:52:0:2246:1800:ff:fe00:93/64 to eth0
Mar 30 10:58:32 rgmanager [ip] Pinging addr 2620:52:0:2246:1800:ff:fe00:93 from dev eth0
Mar 30 10:58:33 rgmanager [ip] IPv6 address collision 2620:52:0:2246:1800:ff:fe00:93
Mar 30 10:58:33 rgmanager start on ip "2620:52:0:2246:1800:ff:fe00:93/64" returned 1 (generic error)
Mar 30 10:58:33 rgmanager #68: Failed to start service:group-ip; return value: 1
Mar 30 10:58:33 rgmanager Stopping service service:group-ip

corrected version: 3.9.5-34.el6.x86_64
======================================
virt-146# clusvcadm -e group-ip
Local machine trying to enable service:group-ip...Failure

virt-146# tail /var/log/cluster/rgmanager.log
...
Mar 30 11:10:03 rgmanager Starting stopped service service:group-ip
Mar 30 11:10:03 rgmanager [ip] Link for eth0: Detected
Mar 30 11:10:03 rgmanager [ip] Adding IPv6 address 2620:52:0:2246:1800:ff:fe00:93/64 to eth0
Mar 30 11:10:04 rgmanager [ip] IPv6 address collision 2620:52:0:2246:1800:ff:fe00:93 [DAD]
Mar 30 11:10:04 rgmanager start on ip "2620:52:0:2246:1800:ff:fe00:93/64" returned 1 (generic error)
Mar 30 11:10:04 rgmanager #68: Failed to start service:group-ip; return value: 1
Mar 30 11:10:04 rgmanager Stopping service service:group-ip
Comment 12 errata-xmlrpc 2016-05-10 19:13:27 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0735.html