[Yahoo-eng-team] [Bug 1789403] [NEW] ip6tables rules for PD subnets not fully recreated at l3-agent restart

Public bug reported: currently ip6tables in the qrouter namespace has the following rule. This causes unmarked packets to drop. -A neutron-l3-agent-scope -o qr-f4eceee5-a4 -m mark ! --mark 0x400/0x -j DROP In a related bug (1570122) there was a problem that prefix-delegated sub-nets

[Yahoo-eng-team] [Bug 1859759] [NEW] Keystone is unable to remove role-assignment for deleted LDAP users

Public bug reported: We are experiencing issues when trying to remove role-assignments for users that were in our LDAP catalog, but now is deleted. We use LDAP as a read-only source of usernames/passwords, and the rest is stored in keystones mysql database. We are currently running keystone