Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1364498

Summary: Unable to disable IPv6 RAs acceptance on interfaces by using nic templates/os-net-config
Product: Red Hat OpenStack Reporter: Jay Dobies <jason.dobies>
Component: openstack-tripleo-heat-templatesAssignee: Dan Sneddon <dsneddon>
Status: CLOSED WONTFIX QA Contact: Marius Cornea <mcornea>
Severity: high Docs Contact:
Priority: high    
Version: 10.0 (Newton)CC: bfournie, dbecker, dnavale, dsneddon, dtantsur, gkadam, gkumar, jason.dobies, jcoufal, jschluet, jslagle, jstransk, mburns, mcornea, mlopes, morazi, ohochman, rbartal, rhel-osp-director-maint, sclewis, tvignaud
Target Milestone: ---Keywords: Triaged, ZStream
Target Release: 10.0 (Newton)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-tripleo-heat-templates-5.0.0-0.20161008015357.0d3e3e3.1 Doc Type: Bug Fix
Doc Text:
Previously, there existed a known issue where autoconfiguration and accepting RAs was enabled for IPv6 regardless of the settings in the 'ifcfg' files. With this update, you can fix this issue by setting 'net.ipv6.conf.all.autoconfiguration' and 'net.ipv6.conf.all.accept_ra' values to '0' in the 'sysctl' settings allowing the 'IPV6AUTOCONFIG=no' in the 'ifcfg' file to take effect.
 Story Points: ---
Clone Of: 1362528 Environment:
Last Closed: 2018-07-11 21:18:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1362528, 1396696    
Bug Blocks:    

Comment 6 Dan Sneddon 2016-10-14 14:55:11 UTC 
Patch merged upstream to address this: https://review.openstack.org/#/c/386201/
Comment 7 Dan Sneddon 2016-10-14 18:13:45 UTC 
Upstream patch has merged, so this should be fixed in OSP 10.
Comment 11 Marius Cornea 2016-11-24 09:27:12 UTC 
The issue is still present even though net.ipv6.conf.all.accept_ra and net.ipv6.conf.all.autoconf are now turned off by puppet:

[root@overcloud-controller-0 heat-admin]# sysctl net.ipv6.conf.all.autoconf
net.ipv6.conf.all.autoconf = 0
[root@overcloud-controller-0 heat-admin]# sysctl net.ipv6.conf.all.accept_ra
net.ipv6.conf.all.accept_ra = 0

The default route installed in the routing table:

[root@overcloud-controller-0 heat-admin]# ip -6 route show default
default via fe80::5054:ff:fe86:1d1b dev eth4  proto ra  metric 1024  expires 1476sec hoplimit 64

The static default route which should be the one installed:

[root@overcloud-controller-0 heat-admin]# cat /etc/sysconfig/network-scripts/route6-vlan100 
default via 2001:db8:ca2:4::1 dev vlan100

Moreover the route seems to get renewed so the static route never gets installed:

[root@overcloud-controller-0 heat-admin]# ip -6 route show default
default via fe80::5054:ff:fe86:1d1b dev eth4  proto ra  metric 1024  expires 1240sec hoplimit 64
[root@overcloud-controller-0 heat-admin]# ip -6 route show default
default via fe80::5054:ff:fe86:1d1b dev eth4  proto ra  metric 1024  expires 1698sec hoplimit 64

Checking the interface sysctl values I see they are turned on:

[root@overcloud-controller-0 heat-admin]# sysctl net.ipv6.conf.eth4.accept_ra
net.ipv6.conf.eth4.accept_ra = 1
[root@overcloud-controller-0 heat-admin]# sysctl net.ipv6.conf.eth4.autoconf
net.ipv6.conf.eth4.autoconf = 1