Red Hat Bugzilla – Bug 1473366
Firewall rules prevent appliance from getting a dynamic IPv6 address
Last modified: 2017-10-12 04:51:07 EDT
Description of problem:
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Get a fresh appliance with no IPv4 networking; IPv6 only
2. Start the appliance up
3. # ip a
The appliance has no IPv6 ULA assigned (it only has a link local address).
The appliance has IPv6 ULA successfully assigned from the DHCP server.
1. systemctl stop firewalld
2. systemctl restart network
At this point, the IPv6 address is correctly assigned to the iface.
We need to open port 546/udp in the active zone.
# firewall-cmd --zone=manageiq --add-port=546/udp --permanent
# firewall-cmd --reload
# systemctl restart network
New commit detected on ManageIQ/manageiq-appliance-build/master:
Author: Nick Carboni <email@example.com>
AuthorDate: Thu Jul 20 13:33:28 2017 -0400
Commit: Nick Carboni <firstname.lastname@example.org>
CommitDate: Thu Jul 20 13:33:28 2017 -0400
Allow the DHCPv6 client through the appliance firewall
Before this change appliances would not correctly receive IPv6
addresses via DHCP.
kickstarts/partials/post/firewalld.ks.erb | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Verified in 188.8.131.52