[Yahoo-eng-team] [Bug 1637118] [NEW] Nova erroneously asserts a subnet is required on a network to boot an instance

Public bug reported: Deploying an instance attached to a network with a subnet is infact valid, since that instance could communicate via IPv6 link-local addresses or non-IP protocols. Obviously nova metadata wouldn't work, but the instance could otherwise be used. Nova should not assert that a ne

[Yahoo-eng-team] [Bug 1638130] [NEW] SLaaC or DHCPv6 stateless doesn't work on isolated Neutron networks

Public bug reported: On an isolated IPv6 network no router advertisements are sent, so the instances are unable to discover what prefix to use. To enabled instances to discover which prefixes are on-link router advertisements with a router lifetime of zero should be sent (from the DHCP namespace)

[Yahoo-eng-team] [Bug 1531660] [NEW] Neutron linuxbridge agent no longer accepts an IPv6 VXLAN local_ip

Public bug reported: Neutron linuxbridge agent no longer accepts cfg.CONF.VXLAN.local_ip as an IPv6 address. Prior to 9fc45cee this restriction wasn't in place. Neutron ML2 with the linuxbridge mechanism driver had supported VXLAN over IPv6 since IceHouse. /etc/neutron/plugins/ml2/ml2_conf.ini:

[Yahoo-eng-team] [Bug 1533341] [NEW] Neutron MTU overhead computation assumes IPv4

Public bug reported: Neutron's MTU computation assumes 50 bytes overhead for VXLAN. This is correct for IPv4, but in the case of IPv6 the the overhead is 70 bytes. Similar assumptions are made for GRE and Geneve tunnels. Additionally 802.1q tags could increase overhead by 4. See: http://keepingi

[Yahoo-eng-team] [Bug 1622753] [NEW] [RFE] Block non-IP traffic in security groups/firewall driver

Public bug reported: Presently the IPTables firewall driver (the reference security group implementation) permits all non-IP traffic to ingress and egress an instance port. This should be altered to block non-IP traffic by default. Security groups are a collection of rules which specify which tra

[Yahoo-eng-team] [Bug 1544861] Re: LBaaS: connection limit does not work with HA Proxy

** Also affects: octavia Importance: Undecided Status: New ** Changed in: octavia Status: New => In Progress -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1544861 Title:

[Yahoo-eng-team] [Bug 1629066] [NEW] RFE Optionally bind load balancer instance to multiple IPs to increase available (source IP, source port) space to support > 64k connections to a single backend

Public bug reported: This limitation arose in while testing Neutron LBaaS using the HAProxy namespace driver, but applies to other proxying type backends including Octavia. A single load balancer instance (network namespace, or amphora) can only establish as many concurrent TCP connections to a si

[Yahoo-eng-team] [Bug 1469322] [NEW] Associating a floatingip with a dual stack port requires the fixed-address to be specified

Public bug reported: Associating a floatingip with a dual stack port fails unless the IPv4 address is specified with the fixed-ip-address parameter. Presently when a user attempts to associate a floatingip with a port which an IPv4 and IPv6 address Neutron returns 'Bad floatingip request: Port %s

[Yahoo-eng-team] [Bug 1557119] [NEW] Services and Agents DevRef doesn't describe configuration seperation

Public bug reported: Presently the services and agents DevRef doesn't describe how configuration options should be separated. ** Affects: neutron Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is s

[Yahoo-eng-team] [Bug 1575225] [NEW] Neutron only permits IPv6 MLDv1 not v2

ps://www.ietf.org/rfc/rfc3810.txt ** Affects: neutron Importance: Undecided Assignee: Dustin Lundquist (dlundquist) Status: In Progress ** Tags: ipv6 ** Description changed: - IPv6 Multicast Listener Discovery (MLD) v2 is used on recent version of - Linux, currently Neutron only

[Yahoo-eng-team] [Bug 1459856] [NEW] Neutron ipv6_utils.is_enabled() uses /proc/sys/net/ipv6/conf/default/disable_ipv6

Public bug reported: Neutron uses /proc/sys/net/ipv6/conf/default/disable_ipv6 to determine if IPv6 should be enabled, but there are legitimate cases where this sysctl may be set in an IPv6 deployment. By default Linux assigns link-local address to all new interfaces if this sysctl is not enabled

[Yahoo-eng-team] [Bug 1600326] [NEW] neutron-lbaas health monitor timeout and delay values intepreated as milliseconds

Public bug reported: The timeout and delay values on the health monitor objects in Neutron LBaaS are purportedly in units of seconds, but the numeric value is passed all the the way down to the HAProxy configuration[1] file (in both the HAProxy namespace driver and Octavia) where it is interpreted

[Yahoo-eng-team] [Bug 1544861] Re: LBaaS: connection limit does not work with HA Proxy

Resurrecting this bug, since we ran into it. It looks like maxconn in HAproxy is a bit more nuanced: the global maxconn setting will cause HAProxy is used to compute the maximum number of socket and file descriptor ulimits, while the listener maxconn is used to limit connections on a specific liste

[Yahoo-eng-team] [Bug 1319082] [NEW] openvswitch agent klm version detection fails on newer kernels

Public bug reported: In neutron/agent/linux/ovs_lib.py get_installed_ovs_klm_version() uses modinfo to detect the version of Open vSwitch provided by the kernel module. The current code simply invokes 'modinfo openvswitch' and looks for the version: line. Now that Open vSwitch has been merged

[Yahoo-eng-team] [Bug 1319082] Re: openvswitch agent klm version detection fails on newer kernels

*** This bug is a duplicate of bug 1291535 *** https://bugs.launchpad.net/bugs/1291535 ** This bug has been marked a duplicate of bug 1291535 'Unable to retrieve OVS kernel module version' when _not_ using DKMS openvswitch module -- You received this bug notification because you are a me