Bug 1265991 - When "boot protocol" is set to None on an interface, interface still gets IPv6 address
Summary: When "boot protocol" is set to None on an interface, interface still gets IPv...
Keywords:
Status: CLOSED DUPLICATE of bug 1267714
Alias: None
Product: vdsm
Classification: oVirt
Component: Core
Version: ---
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ovirt-3.5.6
: ---
Assignee: Dan Kenigsberg
QA Contact: Aharon Canan
URL:
Whiteboard: network
Depends On:
Blocks: CVE-2015-5293
TreeView+ depends on / blocked
 
Reported: 2015-09-24 09:16 UTC by David Jaša
Modified: 2016-02-10 19:16 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-09-30 18:48:40 UTC
oVirt Team: Network
Embargoed:
fdeutsch: ovirt-3.5.z?
fdeutsch: ovirt-3.6.0?
rule-engine: planning_ack?
rule-engine: devel_ack?
rule-engine: testing_ack?


Attachments (Terms of Use)

Description David Jaša 2015-09-24 09:16:49 UTC
Description of problem:
The expectation when Boot protocol is set to "None" in host network settings in engine is that no IP will be configured on the interface, forcing IP traffic from this device to go through switch. This expectation is valid for IPv4 but not for IPv6, when there is an IPv6 router sending RAs, the device will pick up autoconfigured address.

Version-Release number of selected component (if applicable):
RHEV 3.5
vdsm-4.16.26-1.el7ev.x86_64

How reproducible:
always

Steps to Reproduce:
1. set up a bridge device with "None" boot protocol on a network with working IPv6 stateless configuration
2. look up the device on the host: ip a s dev NETWORK_NAME
3.

Actual results:
12: BRIDGE_NAME: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 78:e7:d1:e0:29:3a brd ff:ff:ff:ff:ff:ff
    inet6 <GLOBAL_PREFIX>:7ae7:d1ff:fee0:293a/64 scope global dynamic 
       valid_lft 2522562sec preferred_lft 535362sec
    inet6 fe80::7ae7:d1ff:fee0:293a/64 scope link 
       valid_lft forever preferred_lft forever

Expected results:
no IP configuration will be present, v4 or v6

Additional info:
This bug might have some security implications - CCing Petr

Comment 6 Kurt Seifried 2015-09-30 18:48:40 UTC
Marking as a duplicate of 1267714 (CVE bug).

*** This bug has been marked as a duplicate of bug 1267714 ***


Note You need to log in before you can comment on or make changes to this bug.