Public bug reported:
No ipv6 address assigned to ipsec.conf 'left' and "leftid" paramter if gateway
has both ipv4 and ipv6 addresses.
Gateway has both ipv4 and ipv6 address as public network has both ipv4 and ipv6
subnets.
I am trying vpn-service and ipsec-site-connection create with ipv6,
neutron vpn-service-create --name myvpn --description "My vpn service" router1
ipv6-private-subnet
neutron ipsec-site-connection-create --name vpnconnection2 --vpnservice-id
myvpnB --ikepolicy-id ikepolicy --ipsecpolicy-id ipsecpolicy --peer-address
2001:db8::3 --peer-id 2001:db8::3 --peer-cidr fd8c:26c9:6aef::/64 --psk secret
Still only ipv4 address is assigned to "left" and "leftid" params in ipsec.conf.
As I am trying ipsec-site-connection with ipv6(gave ipv6 subnet during
vpn-service-create), ipv6 address should be assigned to these params.
cat
/opt/stack/data/neutron/ipsec/909081d8-db4c-4644-8cea-c52db27bd7e6/etc/ipsec.conf
conn 7ca1246e-8fd8-416a-9b39-f1b936760c59
keyexchange=ikev1
left=172.24.4.3
leftsubnet=fd8c:26c9:6aef::/64
leftid=172.24.4.3
leftfirewall=yes
right=2001:db8::4
rightsubnet=1001::/64
rightid=2001:db8::4
auto=route
I think we are always selecting the first address for "external_ip" for
vpn_service
def make_vpnservice_dict(self, vpnservice):
vpnservice_dict['external_ip'] = vpnservice.router.gw_port[
'fixed_ips'][0]['ip_address']
Need to fix this based on ip version.
** Affects: neutron
Importance: Undecided
Assignee: venkata anil (anil-venkata)
Status: New
** Tags: vpnaas
** Changed in: neutron
Assignee: (unassigned) => venkata anil (anil-venkata)
** Tags added: vpnaas
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1450479
Title:
[IPv6] [VPNaaS]left=<ipv6_addr> not allowed when gw has both v4 & v6
address
Status in OpenStack Neutron (virtual network service):
New
Bug description:
No ipv6 address assigned to ipsec.conf 'left' and "leftid" paramter if
gateway has both ipv4 and ipv6 addresses.
Gateway has both ipv4 and ipv6 address as public network has both ipv4 and
ipv6 subnets.
I am trying vpn-service and ipsec-site-connection create with ipv6,
neutron vpn-service-create --name myvpn --description "My vpn service"
router1 ipv6-private-subnet
neutron ipsec-site-connection-create --name vpnconnection2 --vpnservice-id
myvpnB --ikepolicy-id ikepolicy --ipsecpolicy-id ipsecpolicy --peer-address
2001:db8::3 --peer-id 2001:db8::3 --peer-cidr fd8c:26c9:6aef::/64 --psk secret
Still only ipv4 address is assigned to "left" and "leftid" params in
ipsec.conf.
As I am trying ipsec-site-connection with ipv6(gave ipv6 subnet during
vpn-service-create), ipv6 address should be assigned to these params.
cat
/opt/stack/data/neutron/ipsec/909081d8-db4c-4644-8cea-c52db27bd7e6/etc/ipsec.conf
conn 7ca1246e-8fd8-416a-9b39-f1b936760c59
keyexchange=ikev1
left=172.24.4.3
leftsubnet=fd8c:26c9:6aef::/64
leftid=172.24.4.3
leftfirewall=yes
right=2001:db8::4
rightsubnet=1001::/64
rightid=2001:db8::4
auto=route
I think we are always selecting the first address for "external_ip"
for vpn_service
def make_vpnservice_dict(self, vpnservice):
vpnservice_dict['external_ip'] = vpnservice.router.gw_port[
'fixed_ips'][0]['ip_address']
Need to fix this based on ip version.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1450479/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
