ha backup router ipv6 accept_ra broken
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
In Progress
|
Medium
|
Maximilian Stinsky |
Bug Description
When we restart the neutron-l3-agent we observe that backup routers start accepting router advertisements. This leads to routes inside the router namespace which expire.
e.g.:
$ ip netns exec qrouter-
x:x:1002:1::/64 dev qr-72f85121-ce proto kernel metric 256 expires 86355sec pref medium
x:x:1002:1::/64 dev qr-4e84792f-aa proto kernel metric 256 expires 86355sec pref medium
fe80::/64 dev ha-9d085c9d-15 proto kernel metric 256 pref medium
default via fe80::f816:
default via fe80::f816:
When we now failover to such a backup router, the kernel does not create the necessary directly attached routes because they already exist. The problem is that those routes expire and because we are now a master router the routes do not refresh from the router advertisement anymore and expire after 24h which breaks ipv6 for those routers.
After we dug a bit deeper into this issue we found that the function [1] that disables the accept_ra on the backup routers always returns false. So backup routers never get their router advertisement disabled.
master router:
$ ip netns exec qrouter-
net.ipv6.
backup router:
$ ip netns exec qrouter-
net.ipv6.
[1] https:/
tags: | added: l3-ha |
Changed in neutron: | |
importance: | Undecided → Medium |
Changed in neutron: | |
assignee: | nobody → Maximilian Stinsky (mstinsky) |
description: | updated |
Fix proposed to branch: master /review. opendev. org/c/openstack /neutron/ +/824947
Review: https:/