deploying ipv6 on openstack
TRANSCRIPT
Agenda
● IPv6 Overview● IPv6 address management● IPv6 deployments options and consideration
points in OpenStack● Deploying and Troubleshooting
IPv4: Running Out of Addresses
- Short term solutions included:+ NAT (Network Address Translation)+ Private address space+ CIDR (Classless Inter-Domain Routing)
- Long-term solution: IPv6
Introducing IPv6
● Not a “new” protocol.● Developed mid to late
1990s.● Much learned from IPv4.● 128-bit address space,
written in hexadecimal.● This gives us 340
undecillion addresses!
IPv6 Overview
● IPv6 is not just about more addresses: ○ Stateless autoconfiguration○ End-to-end reachability without private addresses
and NAT○ Better support for mobility○ Peer-to-peer networking easier to create and
maintain, and services such as VoIP and Quality of Service (QoS) become more robust.
○ Security○ Routing
IPv5 ?
IPv10 ?
Is ‘IPv6’ faster ?
IPv6 address configuration modes
Three configuration modes:
● SLAAC● DHCPv6 stateless● DHCPv6stateful
The configuration mode is determined based on RA flag:● M (Managed) => 0
(RA/DHCPv6 stateless), 1 (DHCPv6 stateful
● O (Other) => 0 (SLAAC), 1 (use DHCPv6)
SLAAC (Stateless Address Autoconfiguration)
● IPv6 address of a client is configured based on RA (Router advertisement)
● Gateway is also configured.● Optionally, DNS information(if RFC6106), MTU and so on can be
configured.● Only /64 prefix is used
DHCP v6 Stateless
● IPv6 address is configured based on RA● Other information is retrieved via DHCPv6● Looks used most commonly● Only way to distribute DNS info before RFC6106
DHCP v6 Stateful
● All information is configured based on DHCPv6● There is information that GW is not configured properly.
IPv6 on Openstack
Two attributes related to IPv6 address configuration:
- Ipv6_address_mode: Control of how addressing is handled by OpenStack
- Ipv6_ra_mode: Control of router advertisements for a subnet
There are constraints between two modes
- OpenStacknetworking guide- https://docs.openstack.org/ocata/networking-guide/config-ipv6
.html- https://access.redhat.com/documentation/en-us/red_hat_opens
tack_platform/9/html/networking_guide/sec-ipv6
● IPv6 address mode: Specifies how IPv6 address is generated and assigned, IPAM is mainly involved in it and Also controls if the reference DHCP implementation serves● “Slaac”: Neutron generates a port address based on MAC address
(EUI-64)● “Dhcpv6-stateless”:
- Neutron generates a port address based on MAC address (EUI-64)- Neutron provides DHCP options for port
● “Dhcpv6-stateful”- Any address can be configured- Perhaps non-/64 prefix can be used
● Not Specified (N/S)- (Backward compatibility)- Any static address can be configured.
● IPv6 RA mode: Specifies how neutron router sends RA● "slaac"● "dhcpv6-stateles"● "dhcpv6-stateful"
- Neutron setup radvd on a router and provides RA- RA flags are set accordingly
● Not Specified (N/S)- Neutron does nothing.- radvd on a router is not setup
The behavior of the neutron router for IPv6
- Internal router ports, that act as default gateway ports for a network, will share a common port for all IPv6 subnets associated with the network.
- Neutron tenant networks that are assigned Global Unicast Address (GUA) prefixes and addresses don’t require NAT on the neutron router external gateway port to access the outside world
- GUA IPv6 subnet prefix is not necessarily needed for the neutron external network. By default, a IPv6 LLA associated with the external gateway port can be used for routing purposes.
Changelog on images (glance)
RHEL / CentOS / Oracle Linux
Edit the file /etc/sysconfig/network and add the following parameter:
NETWORKING_IPV6=yes
Edit the file /etc/sysconfig/network-scripts/ifcfg-eth0 and add the following two parameters:
IPV6INIT=yes
DHCPV6C=yes
Changelog on images (glance)
Ubuntu
Edit the file /etc/dhcp/dhclient6.conf and add the following line:
timeout 10;
Edit the network configuration for the eth0 interface with the following configuration:
Edit the file /etc/network/interfaces
iface eth0 inet6 dhcp
Changelog on images (glance)
Windows
netsh interface ipv6 set interface 15 routerdiscovery=disabled netsh interface ipv6 set interface 15 managedaddress=enabled netsh interface ipv6 set interface 15 otherstateful=enabled
https://support.microsoft.com/en-us/help/961433/how-to-configure-a-windows-vista-client-to-obtain-an-ipv6-dhcp-address