ifupdown2: Disable IPv6 duplicate address detection on VRR interfaces

Ticket: CM-11511 Reviewed By: CCR-4890 Testing Done: Used "address-virtual" keyword to create VRR interface with IPv6 address. Checked sysctl and dad failures. In a VRR setup, both switches are programmed with the same IPv6 address and that address is active on both switches. This causes the IPv6 duplicate address detection to kick in and diable the use of one of the address on one of the switches. This patch causes duplicate address detection to be disabled on VRR interfaces by setting the net.ipv6.conf.<ifname>.accept_dad and net.ipv6.conf.<ifname>.dad_transmits sysctl's to 0. The only IPv6 addresses which are defined on these interfaces are the virtual addresses and the link local address (which is unused). No other operational IPv6 addresses should ever be assigned to these interfaces. Instead, operational IPv6 addresses should be assigned to the "base", or lower, interface of the VRR interface.
2024-05-06 15:54:50 +00:00 · 2016-06-23 14:58:14 -07:00
parent 5b7f45794f
commit f8ad40ceea
1 changed files with 6 additions and 0 deletions
--- a/addons/addressvirtual.py
+++ b/addons/addressvirtual.py
@ -196,6 +196,12 @@ class addressvirtual(moduleBase):
                if lower_iface_mtu and lower_iface_mtu != self.ipcmd.link_get_mtu(macvlan_ifacename):
                    self.ipcmd.link_set_mtu(macvlan_ifacename, lower_iface_mtu)

+            # Disable IPv6 duplicate address detection on VRR interfaces
+            for key, sysval in { 'accept_dad' : '0', 'dad_transmits' : '0' }.iteritems():
+                syskey = 'net.ipv6.conf.%s.%s' % (macvlan_ifacename, key)
+                if self.sysctl_get(syskey) != sysval:
+                    self.sysctl_set(syskey, sysval)
+
            av_idx += 1
        self.ipcmd.batch_commit()