- --- a/neutron/agent/l3/router_info.py 2017-01-26 15:02:57.275514546 -0600
- +++ b/neutron/agent/l3/router_info.py 2017-01-26 15:04:12.064516288 -0600
- @@ -28,6 +28,8 @@
- from neutron.common import utils as common_utils
- from neutron.ipam import utils as ipam_utils
- +import six
- +
- LOG = logging.getLogger(__name__)
- INTERNAL_DEV_PREFIX = namespaces.INTERNAL_DEV_PREFIX
- EXTERNAL_DEV_PREFIX = namespaces.EXTERNAL_DEV_PREFIX
- @@ -52,6 +54,7 @@
- self._snat_enabled = None
- self.fip_map = {}
- self.internal_ports = []
- + self.pd_subnets = {}
- self.floating_ips = set()
- # Invoke the setter for establishing initial SNAT action
- self.router = router
- @@ -212,6 +215,19 @@
- self.iptables_manager.apply()
- + def _process_pd_iptables_rules(self, prefix, subnet_id):
- + """Configure iptables rules for prefix delegated subnets"""
- + ext_scope = self._get_external_address_scope()
- + ext_scope_mark = self.get_address_scope_mark_mask(ext_scope)
- + ex_gw_device = self.get_external_device_name(
- + self.get_ex_gw_port()['id'])
- + scope_rule = self.address_scope_mangle_rule(ex_gw_device,
- + ext_scope_mark)
- + self.iptables_manager.ipv6['mangle'].add_rule(
- + 'scope',
- + '-d %s ' % prefix + scope_rule,
- + tag=('prefix_delegation_%s' % subnet_id))
- +
- def process_floating_ip_address_scope_rules(self):
- """Configure address scope related iptables rules for the router's
- floating IPs.
- @@ -527,6 +543,7 @@
- for subnet in p['subnets']:
- if ipv6_utils.is_ipv6_pd_enabled(subnet):
- pd.disable_subnet(self.router_id, subnet['id'])
- + del self.pd_subnets[subnet['id']]
- updated_cidrs = []
- if updated_ports:
- @@ -554,6 +571,7 @@
- subnet['cidr'],
- old_prefix,
- updated_cidrs)
- + self.pd_subnets[subnet['id']] = subnet['cidr']
- enable_ra = True
- # Enable RA
- @@ -983,6 +1001,9 @@
- iptables['filter'].add_rule(
- 'scope',
- self.address_scope_filter_rule(device_name, mark))
- + for subnet_id, prefix in six.iteritems(self.pd_subnets):
- + if prefix != n_const.PROVISIONAL_IPV6_PD_PREFIX:
- + self._process_pd_iptables_rules(prefix, subnet_id)
- def process_ports_address_scope_iptables(self):
- ports_scopemark = self._get_address_scope_mark()