Chapter 16. Tenant Networking with IPv6


This chapter describes how to implement IPv6 subnets in a tenant network. In addition to tenant networking, as of director 7.3, IPv6-native deployments can be configured for the overcloud nodes.

Red Hat OpenStack Platform 6 added support for IPv6 in tenant networks. IPv6 subnets are created within existing tenant networks, and support a number of address assignment modes: Stateless Address Autoconfiguration (SLAAC), Stateful DHCPv6, and Stateless DHCPv6. This chapter describes the IPv6 subnet creation options, and provides an example procedure that runs through these steps.

16.1. IPv6 subnet options

IPv6 subnets are created using the neutron subnet-create command. In addition, you can optionally specify the address mode and the Router Advertisement mode. The possible combinations of these options are explained below:

RA ModeAddress ModeResult

ipv6_ra_mode=not set

ipv6-address-mode=slaac

The instance receives an IPv6 address from the external router (not managed by OpenStack Networking) using SLAAC.

ipv6_ra_mode=not set

ipv6-address-mode=dhcpv6-stateful

The instance receives an IPv6 address and optional information from OpenStack Networking (dnsmasq) using DHCPv6 stateful.

ipv6_ra_mode=not set

ipv6-address-mode=dhcpv6-stateless

The instance receives an IPv6 address from the external router using SLAAC, and optional information from OpenStack Networking (dnsmasq) using DHCPv6 stateless.

ipv6_ra_mode=slaac

ipv6-address-mode=not-set

The instance uses SLAAC to receive an IPv6 address from OpenStack Networking (radvd).

ipv6_ra_mode=dhcpv6-stateful

ipv6-address-mode=not-set

The instance receives an IPv6 address and optional information from an external DHCPv6 server using DHCPv6 stateful.

ipv6_ra_mode=dhcpv6-stateless

ipv6-address-mode=not-set

The instance receives an IPv6 address from OpenStack Networking (radvd) using SLAAC, and optional information from an external DHCPv6 server using DHCPv6 stateless.

ipv6_ra_mode=slaac

ipv6-address-mode=slaac

The instance receives an IPv6 address from OpenStack Networking (radvd) using SLAAC.

ipv6_ra_mode=dhcpv6-stateful

ipv6-address-mode=dhcpv6-stateful

The instance receives an IPv6 address from OpenStack Networking (dnsmasq) using DHCPv6 stateful, and optional information from OpenStack Networking (dnsmasq) using DHCPv6 stateful.

ipv6_ra_mode=dhcpv6-stateless

ipv6-address-mode=dhcpv6-stateless

The instance receives an IPv6 address from OpenStack Networking (radvd) using SLAAC, and optional information from OpenStack Networking (dnsmasq) using DHCPv6 stateless.

16.1.1. Create an IPv6 subnet using Stateful DHCPv6

This procedure makes use of the settings explained above to create an IPv6 subnet in a tenant network. The initial steps gather the necessary tenant and network information, then use this to construct a subnet creation command.

Note

OpenStack Networking only supports EUI-64 IPv6 address assignment for SLAAC. This allows for simplified IPv6 networking, as hosts will self-assign addresses based on the base 64-bits plus MAC address. Attempts to create subnets with a different netmask and address_assign_type of SLAAC will fail.

1. Retrieve the tenant id of the Project where you want to create the IPv6 subnet. These values are unique between OpenStack deployments, so your value will differ from the one supplied. In this example, the QA tenant will receive the IPv6 subnet.

# openstack project list
+----------------------------------+----------+
| ID                               | Name     |
+----------------------------------+----------+
| 25837c567ed5458fbb441d39862e1399 |    QA    |
| f59f631a77264a8eb0defc898cb836af |  admin   |
| 4e2e1951e70643b5af7ed52f3ff36539 |   demo   |
| 8561dff8310e4cd8be4b6fd03dc8acf5 | services |
+----------------------------------+----------+

2. Retrieve a list of all networks present in OpenStack Networking (neutron), and note the name of the network that will host the IPv6 subnet. In this example, database-servers will be used.

# neutron net-list
+--------------------------------------+------------------+-------------------------------------------------------------+
| id                                   | name             | subnets                                                     |
+--------------------------------------+------------------+-------------------------------------------------------------+
| 8357062a-0dc2-4146-8a7f-d2575165e363 | private          | c17f74c4-db41-4538-af40-48670069af70 10.0.0.0/24            |
| 31d61f7d-287e-4ada-ac29-ed7017a54542 | public           | 303ced03-6019-4e79-a21c-1942a460b920 172.24.4.224/28        |
| 6aff6826-4278-4a35-b74d-b0ca0cbba340 | database-servers |                                                             |
+--------------------------------------+------------------+-------------------------------------------------------------+

3. Use the QA tenant-id (25837c567ed5458fbb441d39862e1399) from the above steps to construct the network creation command. Another requirement is the name of the destination network that will host the IPv6 subnet. In this example, the database-servers network is used:

# neutron subnet-create --ip-version 6 --ipv6_address_mode=dhcpv6-stateful --tenant-id 25837c567ed5458fbb441d39862e1399 database-servers fdf8:f53b:82e4::53/125

Created a new subnet:
+-------------------+--------------------------------------------------------------+
| Field             | Value                                                        |
+-------------------+--------------------------------------------------------------+
| allocation_pools  | {"start": "fdf8:f53b:82e4::52", "end": "fdf8:f53b:82e4::56"} |
| cidr              | fdf8:f53b:82e4::53/125                                       |
| dns_nameservers   |                                                              |
| enable_dhcp       | True                                                         |
| gateway_ip        | fdf8:f53b:82e4::51                                           |
| host_routes       |                                                              |
| id                | cdfc3398-997b-46eb-9db1-ebbd88f7de05                         |
| ip_version        | 6                                                            |
| ipv6_address_mode | dhcpv6-stateful                                              |
| ipv6_ra_mode      |                                                              |
| name              |                                                              |
| network_id        | 6aff6826-4278-4a35-b74d-b0ca0cbba340                         |
| tenant_id         | 25837c567ed5458fbb441d39862e1399                             |
+-------------------+--------------------------------------------------------------+

4. Validate this configuration by reviewing the network list. Note that the entry for database-servers now reflects the newly created IPv6 subnet:

# neutron net-list
+--------------------------------------+------------------+-------------------------------------------------------------+
| id                                   | name             | subnets                                                     |
+--------------------------------------+------------------+-------------------------------------------------------------+
| 6aff6826-4278-4a35-b74d-b0ca0cbba340 | database-servers | cdfc3398-997b-46eb-9db1-ebbd88f7de05 fdf8:f53b:82e4::50/125 |
| 8357062a-0dc2-4146-8a7f-d2575165e363 | private          | c17f74c4-db41-4538-af40-48670069af70 10.0.0.0/24            |
| 31d61f7d-287e-4ada-ac29-ed7017a54542 | public           | 303ced03-6019-4e79-a21c-1942a460b920 172.24.4.224/28        |
+--------------------------------------+------------------+-------------------------------------------------------------+

As a result of this configuration, instances created by the QA tenant are able to receive a DHCP IPv6 address when added to the database-servers subnet:

# nova list
+--------------------------------------+------------+--------+------------+-------------+-------------------------------------+
| ID                                   | Name       | Status | Task State | Power State | Networks                            |
+--------------------------------------+------------+--------+------------+-------------+-------------------------------------+
| fad04b7a-75b5-4f96-aed9-b40654b56e03 | corp-vm-01 | ACTIVE | -          | Running     | database-servers=fdf8:f53b:82e4::52 |
+--------------------------------------+------------+--------+------------+-------------+-------------------------------------+
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.