Bug 1810817 - [4.3] fix ovn-kubernetes iptables loadbalancer rules for IPv6
Summary: [4.3] fix ovn-kubernetes iptables loadbalancer rules for IPv6
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.3.z
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 4.3.z
Assignee: Dan Winship
QA Contact: zhaozhanqi
URL:
Whiteboard:
Depends On: 1810816
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-03-05 23:07 UTC by Dan Winship
Modified: 2020-03-31 12:45 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1810814
Environment:
Last Closed: 2020-03-31 12:45:42 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Dan Winship 2020-03-05 23:07:42 UTC 
+++ This bug was initially created as a clone of Bug #1810814 +++

In an IPv6 Azure cluster, there will be error messages in the ovnkube-node logs like:

time="2020-03-05T21:14:51Z" level=error msg="Error in modifying service: failed to add iptables nat/OVN-KUBE-NODEPORT rule \"-d 2603:1030:b:3::1f -p TCP --dport 80 -j DNAT --to-destination fd99::2:31863\": running [/usr/sbin/ip6tables -t nat -C OVN-KUBE-NODEPORT -d 2603:1030:b:3::1f -p TCP --dport 80 -j DNAT --to-destination fd99::2:31863 --wait]: exit status 2: ip6tables v1.8.2 (nf_tables): Bad IP address \"fd99::2:31863\"\n\nTry `ip6tables -h' or 'ip6tables --help' for more information.\n"


(The "Bad IP address" being the relevant bit.)

We need to fix those (by putting brackets around the IP).
Comment 1 Dan Winship 2020-03-31 12:45:42 UTC 
This fix is only useful if cloud loadbalancers are otherwise working with IPv6, but they aren't in 4.3, and we don't care about this any more (in 4.3).
Note You need to log in before you can comment on or make changes to this bug.