I was reminded that scapy is under GPLv2 license so we cannot make it as
the dependency of Neutron.
There are also some IPv6 utilities from ryu.lib.packet which can be
leveraged to send out neighbor advertisement. Is it OK to make ryu as a
dependency and make this as a binary and call it from
Hi,
As we talked in last IPv6 sub-team meeting, I was able to construct and
send IPv6 unsolicited neighbor advertisement for external gateway
interface by python tool *scapy*:
http://www.secdev.org/projects/scapy/
http://www.idsv6.de/Downloads/IPv6PacketCreationWithScapy.pdf
However, I am
Does running the python script with ip netns exec not work correctly?
On Thu, Sep 25, 2014 at 2:05 AM, Xu Han Peng pengxu...@gmail.com wrote:
Hi,
As we talked in last IPv6 sub-team meeting, I was able to construct and send
IPv6 unsolicited neighbor advertisement for external gateway interface
Sending unsolicited NA by scapy is like this:
from scapy.all import send, IPv6, ICMPv6ND_NA, ICMPv6NDOptDstLLAddr
target_ll_addr = ICMPv6NDOptDstLLAddr(lladdr = mac_address)
unsolicited_na=ICMPv6ND_NA(R=1, S=0, O=1, tgt=target)
You are going to have to make this as a separate binary and call it
via rootwrap ip netns exec. While it is possible to change network
namespaces in python, you aren’t going to be able to do this consistently
without root access, so it will need to be guarded by rootwrap anyway.
Vish
On Sep 25,
Carl,
Seem so. I think internal router interface and external gateway port
GARP are taken care by keepalived during failover. And if HA is not
enable, _send_gratuitous_arp is called to send out GARP.
I think we will need to take care IPv6 for both cases since keepalived
1.2.0 support IPv6.
Carl,
Thanks a lot for your reply!
If I understand correctly, in VRRP case, keepalived will be responsible
for sending out GARPs? By checking the code you provided, I can see all
the _send_gratuitous_arp_packet call are wrapped by if not is_ha
condition.
Xu Han
On 09/04/2014 06:06 AM,
Hi Xu Han,
Since I sent my message yesterday there has been some more discussion
in the review on that patch set. See [1] again. I think your
assessment is likely correct.
Carl
[1] https://review.openstack.org/#/c/70700/37/neutron/agent/l3_ha_agent.py
On Thu, Sep 4, 2014 at 3:32 AM, Xu Han
It should be noted that send_arp_for_ha is a configuration option
that preceded the more recent in-progress work to add VRRP controlled
HA to Neutron's router. The option was added, I believe, to cause the
router to send (default) 3 GARPs to the external gateway if the router
was removed from one
Sounds impressive! :-D
On 1 September 2014 23:52, Xu Han Peng pengxu...@gmail.com wrote:
Anthony,
Thanks for your reply.
If HA method like VRRP are used for IPv6 router, according to the VRRP RFC
with IPv6 included, the servers should be auto-configured with the active
router's LLA as
Anthony,
Thanks for your reply.
If HA method like VRRP are used for IPv6 router, according to the VRRP
RFC with IPv6 included, the servers should be auto-configured with the
active router's LLA as the default route before the failover happens and
still remain that route after the failover.
Anthony and Robert,
Thanks for your reply. I don't know if the arping is there for NAT, but
I am pretty sure it's for HA setup to broadcast the router's own change
since the arping is controlled by send_arp_for_ha config. By checking
the man page of arping, you can find the arping -A we use
Anthony and Robert,
Thanks for your reply. I don't know if the arping is there for NAT, but I am
pretty sure it's for HA setup to broadcast the router's own change since the
arping is controlled by send_arp_for_ha config. By checking the man page of
arping, you can find the arping -A we use
Hi Xuhan,
What I saw is that GARP is sent to the gateway port and also to the router
ports, from a neutron router. I’m not sure why it’s sent to the router ports
(internal network). My understanding for arping to the gateway port is that it
is needed for proper NAT operation. Since we are not
Hi Xuhan,
What I saw is that GARP is sent to the gateway port and also to the router
ports, from a neutron router. I’m not sure why it’s sent to the router ports
(internal network). My understanding for arping to the gateway port is that it
is needed for proper NAT operation. Since we are not
As a follow-up action of yesterday's IPv6 sub-team meeting, I would like to
start a discussion about how to support l3 agent HA when IP version is
IPv6.
This problem is triggered by bug [1] where sending gratuitous arp packet
for HA doesn't work for IPv6 subnet gateways. This is because neighbor
16 matches
Mail list logo