spacepaste

Paste details

reply | raw

  1.  
  2. --- a/neutron/agent/l3/router_info.py 2017-01-26 15:02:57.275514546 -0600
  3. +++ b/neutron/agent/l3/router_info.py 2017-01-26 15:04:12.064516288 -0600
  4. @@ -28,6 +28,8 @@
  5. from neutron.common import utils as common_utils
  6. from neutron.ipam import utils as ipam_utils
  8. +import six
  9. +
  10. LOG = logging.getLogger(__name__)
  11. INTERNAL_DEV_PREFIX = namespaces.INTERNAL_DEV_PREFIX
  12. EXTERNAL_DEV_PREFIX = namespaces.EXTERNAL_DEV_PREFIX
  13. @@ -52,6 +54,7 @@
  14. self._snat_enabled = None
  15. self.fip_map = {}
  16. self.internal_ports = []
  17. + self.pd_subnets = {}
  18. self.floating_ips = set()
  19. # Invoke the setter for establishing initial SNAT action
  20. self.router = router
  21. @@ -212,6 +215,19 @@
  23. self.iptables_manager.apply()
  25. + def _process_pd_iptables_rules(self, prefix, subnet_id):
  26. + """Configure iptables rules for prefix delegated subnets"""
  27. + ext_scope = self._get_external_address_scope()
  28. + ext_scope_mark = self.get_address_scope_mark_mask(ext_scope)
  29. + ex_gw_device = self.get_external_device_name(
  30. + self.get_ex_gw_port()['id'])
  31. + scope_rule = self.address_scope_mangle_rule(ex_gw_device,
  32. + ext_scope_mark)
  33. + self.iptables_manager.ipv6['mangle'].add_rule(
  34. + 'scope',
  35. + '-d %s ' % prefix + scope_rule,
  36. + tag=('prefix_delegation_%s' % subnet_id))
  37. +
  38. def process_floating_ip_address_scope_rules(self):
  39. """Configure address scope related iptables rules for the router's
  40. floating IPs.
  41. @@ -527,6 +543,7 @@
  42. for subnet in p['subnets']:
  43. if ipv6_utils.is_ipv6_pd_enabled(subnet):
  44. pd.disable_subnet(self.router_id, subnet['id'])
  45. + del self.pd_subnets[subnet['id']]
  47. updated_cidrs = []
  48. if updated_ports:
  49. @@ -554,6 +571,7 @@
  50. subnet['cidr'],
  51. old_prefix,
  52. updated_cidrs)
  53. + self.pd_subnets[subnet['id']] = subnet['cidr']
  54. enable_ra = True
  56. # Enable RA
  57. @@ -983,6 +1001,9 @@
  58. iptables['filter'].add_rule(
  59. 'scope',
  60. self.address_scope_filter_rule(device_name, mark))
  61. + for subnet_id, prefix in six.iteritems(self.pd_subnets):
  62. + if prefix != n_const.PROVISIONAL_IPV6_PD_PREFIX:
  63. + self._process_pd_iptables_rules(prefix, subnet_id)
  65. def process_ports_address_scope_iptables(self):
  66. ports_scopemark = self._get_address_scope_mark()
  67.  
Powered by spacepaste. Paste removal.