git.opendaylight Code Review - netvirt.git/commit

author	Somashekar Byrappa <somashekar.b@altencalsoftlabs.com>
	Mon, 26 Mar 2018 13:30:06 +0000 (19:00 +0530)
committer	Sam Hague <shague@redhat.com>
	Thu, 12 Apr 2018 18:40:05 +0000 (18:40 +0000)
commit	e40f321fb84f0f72372f4b5cb05a1ae378ac0989
tree	31e47d5a85e29ac959520c03026b230873bd76ae	tree \| snapshot
parent	1f534e30c9fb1ae68a875371cb778c038c070609	commit \| diff

NETVIRT-1193: ACL dropping IPv6 RA packets from external router.

When an IPv6 subnet is created without specifying ipv6_ra_mode,
it is expected that the VMs with this subnet obtains global IPv6
address from non-OpenStack router using SLAAC.

Hence added below ACL flow to allow IPv6 RA packets from external
router if ipv6_ra_mode is not specified.
Since ipv6_src for RA packets are always link-local address, flow
contains match ipv6_src=fe80::/10 to allow from entire link-local
prefix.

cookie=0x6900000, duration=12.117s, table=240, n_packets=0, n_bytes=0, priority=63010,icmp6,reg6=0x400/0xfffff00,ipv6_src=fe80::/10,icmp_type=134,icmp_code=0 actions=resubmit(,220)

Change-Id: I030a99dd2e4385748a6b49cb2735e154b229da01
Signed-off-by: Somashekar Byrappa <somashekar.b@altencalsoftlabs.com>

15 files changed:

aclservice/api/src/main/java/org/opendaylight/netvirt/aclservice/api/utils/AclInterface.java		diff \| blob \| history
aclservice/api/src/main/yang/aclservice.yang		diff \| blob \| history
aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AbstractAclServiceImpl.java		diff \| blob \| history
aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/EgressAclServiceImpl.java		diff \| blob \| history
aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/IngressAclServiceImpl.java		diff \| blob \| history
aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/listeners/AclInterfaceListener.java		diff \| blob \| history
aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/listeners/AclInterfaceStateListener.java		diff \| blob \| history
aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclConstants.java		diff \| blob \| history
aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclServiceUtils.java		diff \| blob \| history
aclservice/impl/src/test/java/org/opendaylight/netvirt/aclservice/tests/AclServiceTestBase.java		diff \| blob \| history
aclservice/impl/src/test/java/org/opendaylight/netvirt/aclservice/tests/IdentifiedPortSubnetBuilder.xtend	[moved from aclservice/impl/src/test/java/org/opendaylight/netvirt/aclservice/tests/IdentifiedSubnetIpPrefixBuilder.xtend with 61% similarity]	diff \| blob \| history
aclservice/shell/src/main/java/org/opendaylight/netvirt/aclservice/shell/DisplayAclDataCaches.java		diff \| blob \| history
neutronvpn/impl/src/main/java/org/opendaylight/netvirt/neutronvpn/NeutronPortChangeListener.java		diff \| blob \| history
neutronvpn/impl/src/main/java/org/opendaylight/netvirt/neutronvpn/NeutronSecurityRuleConstants.java		diff \| blob \| history
neutronvpn/impl/src/main/java/org/opendaylight/netvirt/neutronvpn/NeutronvpnUtils.java		diff \| blob \| history

NetVirt - Archived

RSS Atom