Bug 1265991 - When "boot protocol" is set to None on an interface, interface still gets IPv6 address
When "boot protocol" is set to None on an interface, interface still gets IPv...
Status: CLOSED DUPLICATE of bug 1267714
Product: vdsm
Classification: oVirt
Component: Core (Show other bugs)
---
Unspecified Unspecified
unspecified Severity unspecified (vote)
: ovirt-3.5.6
: ---
Assigned To: Dan Kenigsberg
Aharon Canan
network
: Security
Depends On:
Blocks: CVE-2015-5293
  Show dependency treegraph
 
Reported: 2015-09-24 05:16 EDT by David Jaša
Modified: 2016-02-10 14:16 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-09-30 14:48:40 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Network
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
fdeutsch: ovirt‑3.5.z?
fdeutsch: ovirt‑3.6.0?
rule-engine: planning_ack?
rule-engine: devel_ack?
rule-engine: testing_ack?


Attachments (Terms of Use)

  None (edit)
Description David Jaša 2015-09-24 05:16:49 EDT
Description of problem:
The expectation when Boot protocol is set to "None" in host network settings in engine is that no IP will be configured on the interface, forcing IP traffic from this device to go through switch. This expectation is valid for IPv4 but not for IPv6, when there is an IPv6 router sending RAs, the device will pick up autoconfigured address.

Version-Release number of selected component (if applicable):
RHEV 3.5
vdsm-4.16.26-1.el7ev.x86_64

How reproducible:
always

Steps to Reproduce:
1. set up a bridge device with "None" boot protocol on a network with working IPv6 stateless configuration
2. look up the device on the host: ip a s dev NETWORK_NAME
3.

Actual results:
12: BRIDGE_NAME: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 78:e7:d1:e0:29:3a brd ff:ff:ff:ff:ff:ff
    inet6 <GLOBAL_PREFIX>:7ae7:d1ff:fee0:293a/64 scope global dynamic 
       valid_lft 2522562sec preferred_lft 535362sec
    inet6 fe80::7ae7:d1ff:fee0:293a/64 scope link 
       valid_lft forever preferred_lft forever

Expected results:
no IP configuration will be present, v4 or v6

Additional info:
This bug might have some security implications - CCing Petr
Comment 6 Kurt Seifried 2015-09-30 14:48:40 EDT
Marking as a duplicate of 1267714 (CVE bug).

*** This bug has been marked as a duplicate of bug 1267714 ***

Note You need to log in before you can comment on or make changes to this bug.