Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1810817

Summary: [4.3] fix ovn-kubernetes iptables loadbalancer rules for IPv6
Product: OpenShift Container Platform Reporter: Dan Winship <danw>
Component: NetworkingAssignee: Dan Winship <danw>
Networking sub component: ovn-kubernetes QA Contact: zhaozhanqi <zzhao>
Status: CLOSED WONTFIX Docs Contact:
Severity: unspecified    
Priority: unspecified CC: zzhao
Version: 4.3.z   
Target Milestone: ---   
Target Release: 4.3.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1810814 Environment:
Last Closed: 2020-03-31 12:45:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1810816    
Bug Blocks:    

Description Dan Winship 2020-03-05 23:07:42 UTC 
+++ This bug was initially created as a clone of Bug #1810814 +++

In an IPv6 Azure cluster, there will be error messages in the ovnkube-node logs like:

time="2020-03-05T21:14:51Z" level=error msg="Error in modifying service: failed to add iptables nat/OVN-KUBE-NODEPORT rule \"-d 2603:1030:b:3::1f -p TCP --dport 80 -j DNAT --to-destination fd99::2:31863\": running [/usr/sbin/ip6tables -t nat -C OVN-KUBE-NODEPORT -d 2603:1030:b:3::1f -p TCP --dport 80 -j DNAT --to-destination fd99::2:31863 --wait]: exit status 2: ip6tables v1.8.2 (nf_tables): Bad IP address \"fd99::2:31863\"\n\nTry `ip6tables -h' or 'ip6tables --help' for more information.\n"


(The "Bad IP address" being the relevant bit.)

We need to fix those (by putting brackets around the IP).
Comment 1 Dan Winship 2020-03-31 12:45:42 UTC 
This fix is only useful if cloud loadbalancers are otherwise working with IPv6, but they aren't in 4.3, and we don't care about this any more (in 4.3).