13:59:31 <sc68cal> #startmeeting neutron_ipv6 13:59:31 <openstack> Meeting started Tue Sep 2 13:59:31 2014 UTC and is due to finish in 60 minutes. The chair is sc68cal. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:59:32 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 13:59:36 <openstack> The meeting name has been set to 'neutron_ipv6' 14:01:50 <sc68cal> The only thing I have for discussion today is the progress on the Horizon patch, so if anyone else has things they'd like to discuss please do! 14:03:15 <xuhanp> sc68cal, do we need to change our meeting time since the WL meeting will start next week? 14:03:41 <sc68cal> xuhanp: are they starting next week? I was under the impression is was going to be after the summit? 14:04:18 <xuhanp> I think I saw one email today saying so but not 100% sure 14:04:32 <sc68cal> yep, you are right. Just looked at the ML 14:05:33 <baoli> xuhanp, what is the WL meeting? 14:05:43 <xuhanp> sorry, typo. 14:05:49 <xuhanp> the weekly neutron meeting 14:07:28 <baoli> xuhanp, I see. thanks. 14:07:53 <xuhanp> so I guess we will need to change time if we still want IPv6 meeting to be hold? 14:08:09 <sc68cal> I was going to wait to the summit, but lately I wonder if the subteam and meeting needs to continue - we've got a lot of things done this dev cycle, and we had a lot of consensus to build. Perhaps with the work we've gotten in, it may not need to be a weekly meeting in the future? 14:09:37 <BrianB__> I think a weekly meeting is still good 14:10:09 <xuhanp> I think it will be great if we have a meeting to discuss what's the next steps 14:10:54 <HenryG> How about moving it one hour earlier? 14:11:16 <baoli> it will be conflicting with sr-iov meeting which I need to attend 14:11:25 <BrianB__> HenryG:that conflicts with sr-iov 14:11:37 <sc68cal> I'm glad people want it to continue - I'll keep running it as long as people attend :) 14:12:05 <xuhanp> how about one hour later? 14:12:15 <xuhanp> it's good to keep meetings at one day 14:12:45 <sc68cal> I'm ok with an hour later... although that's pretty brutal for you xuhanp? 14:12:59 <xuhanp> that's fine for me too :-) 14:13:05 <baoli> that sounds good to me 14:13:19 <sc68cal> yeah the upside is it gives the US west coast people a break ;) 14:14:34 <sc68cal> Let me just see if we conflict with anything at 1500 UTC 14:14:37 <xuhanp> if there is no room for this time in openstack-meeting or openstack-meeting-alt, there is openstack-meeting-3 14:15:08 <sc68cal> xuhanp: cool, thanks for checking. 14:15:36 <sc68cal> hmm 14:16:02 <sc68cal> oops, no that's thursday 14:16:49 <sc68cal> ok, so openstack-meeting-3 on tuesdays at 1500UTC? 14:17:24 <sc68cal> I'll put something on the ML to let everyone check and make sure that works 14:17:32 <aveiga> sounds good 14:17:33 <xuhanp> sounds great 14:18:19 <sc68cal> xuhanp: I saw you still had some q's from the HA thread on the ML? 14:18:29 <xuhanp> yep. 14:18:51 <baoli> actually, it seems that tuesdays utc1500 is open on openstack-meeting-alt 14:19:04 <xuhanp> but I just left a new thought today. so I guess I will leave some time for everyone to check it out. 14:19:51 <baoli> xuhanp, right now, the garp is sent to router ports, gateway port, etc. 14:19:55 <sc68cal> Hmmm - I think I found a bug in the mailing list software 14:19:57 <sc68cal> http://lists.openstack.org/pipermail/openstack-dev/2014-August/044340.html 14:20:18 <baoli> xuhanp, for vrrp to work, would it make sense for it to send the garp to the ports that are configured for vrrp? 14:20:18 <sc68cal> That e-mail is from xuhanp but it has aveiga as the from in the archive. 14:20:49 <aveiga> sc68cal: nice catch, as I didn't send that 14:20:56 <xuhanp> sc68cal, you should search for Sep 1 14:21:00 <xuhanp> I sent it today. 14:21:12 <sc68cal> ah ok, 14:21:13 <sc68cal> http://lists.openstack.org/pipermail/openstack-dev/2014-September/044602.html 14:21:22 <xuhanp> that one should came from aveiga, only he is replying inline so mixed with mine 14:21:36 <aveiga> I think the issue at hand should really be which method(s) do we want to support for HA 14:21:45 <aveiga> do we want VRRP? Do we just want standby RAs? 14:21:54 <aveiga> do we want options? 14:22:24 <sc68cal> I know there is some work for vrrp in Neutron - I'd have to do research 14:22:35 <xuhanp> in the latest code of L3 HA, when HA is enable, keepalived is used to send out GARP. When is not, GARP is sending out by neutron code. 14:22:43 <xuhanp> just checked today. 14:23:04 <aveiga> xuhanp: is that using VRRP for IPv4? 14:23:12 <aveiga> and is that the only mode supported? 14:23:43 <xuhanp> I think so since there is no special treat for IPv6. 14:23:52 <xuhanp> although keepalived supports IPv6 VRRP 14:23:57 <baoli> xuhanp, I think that we need to separate the discussion between garp on router ports, and garp on gateway port 14:24:01 <aveiga> ok, so the question is do we want to do just VRRP for IPv6? 14:24:26 <xuhanp> baoli, right. 14:25:05 <xuhanp> aveiga, I think we need to support HA like IPv4, but it's debatable if VRRP is used. 14:25:19 <xuhanp> I just use that as an example of not using two LLA for subnet 14:25:22 <aveiga> xuhanp: I don't question the need for HA, just asking about the methods 14:25:31 <aveiga> and yes, that makes it easier 14:25:34 <aveiga> having only one LLA 14:26:08 <xuhanp> since keepalived with VRRP is used for IPv4, I think it's convenient to use for IPv6 14:26:18 <aveiga> I agree 14:26:32 <baoli> xuhanp, the point I want to make is that garp for router port should be controlled by the higher prototol. 14:27:12 <xuhanp> baoli, so do you understand why currently GARP is used for IPv4 routers? 14:27:22 <xuhanp> I am confused by that part from the beginning 14:27:43 <baoli> xuhanp, garp for the gateway port is for NAT, I believe, but garp for the router ports, I'm 100% sure. 14:28:01 <baoli> sorry, not 100% sure 14:28:18 <xuhanp> I thought it's for bridge learning 14:28:34 <xuhanp> since the router node changed 14:28:44 <xuhanp> we need to update the learning table cache 14:29:32 <baoli> xuhanp, yes, that's possible for quick convergence. But the VM sends ARP anyway 14:30:15 <xuhanp> VM don't need to update ARP if the router IP is not changed, right? 14:30:29 <aveiga> xuhanp: has the MAC changed? 14:30:40 <xuhanp> in VRRP, no. The virtual MAC is used. 14:30:45 <xuhanp> but in other case, maybe 14:31:26 <baoli> xuhanp, so router ports' ip address changed but mac remains unchanged, it maybe a good thing to send garp, I guess. 14:31:37 <baoli> right now, it seems to be sending it regardless. 14:31:51 <aveiga> baoli: is it harming anything to send it? 14:32:12 <aveiga> at the worst, you get a packet that confirms what you already know 14:32:19 <aveiga> at best, it reconverges on the proper gateway 14:33:25 <baoli> aveiga, I don't think it hurts anything 14:33:37 <xuhanp> maybe we should talk to the HA code owner to understand more. 14:33:58 <xuhanp> I see the code change around GARP in the HA code. 14:34:53 <xuhanp> If there is a gap to support IPv6 HA, we can fix that. 14:36:12 <baoli> xuhanp, maybe it's worthwhile to see the packets while RA is enabled on a router port. We can better understand if garp is needed for router port for ipv6 14:37:01 <xuhanp> baoli, if we go that way, then there will be two LLA when router failover. 14:37:17 <xuhanp> VM need to switch to the backup's LLA as route 14:37:47 <xuhanp> In VRRP, the previous LLA is used. 14:38:36 <baoli> xuhanp, I'm still thinking about normal case. For HA, I'm thinking that keepalived will do the right thing. 14:38:53 <xuhanp> baoli, OK 14:38:56 <aveiga> baoli: yeah, VRRP is fine and normal case will judst need a new RA 14:39:02 <aveiga> need to keep valid lifetimes low though 14:39:58 <baoli> aveiga, good point. 14:40:48 <xuhanp> aveiga, I think too low increases the overhead? 14:41:04 <aveiga> xuhanp: it does, but too high means outages during failover 14:41:14 <xuhanp> exactly 14:41:15 <aveiga> it's a tradeoff 14:41:31 <aveiga> but RAs aren't that expensive 14:42:25 <xuhanp> aveiga, so you are saying since failover causes the new router to send out RA anyway, we don't need additional steps here? 14:42:43 <aveiga> xuhanp: if you're triggering the standby to become active 14:42:50 <aveiga> it will have to send RAs anyway to be a router 14:42:53 <aveiga> so yeah 14:43:03 <aveiga> we should spin up radvd on it and fire away 14:43:28 <xuhanp> so we need the VM to wait for the last RA to expire and receive the new one? 14:43:37 <xuhanp> and change it's route to the new LLA? 14:43:57 <aveiga> xuhanp: that depends on the guest, sadly 14:44:08 <aveiga> some of them will take the new RA immediately 14:44:34 <aveiga> some might need to wait for the timeout 14:44:42 <baoli> it's also possible to deprecate the old RA by sending its lifetime to be 0 14:44:56 <aveiga> baoli: spoof send it? 14:45:15 <aveiga> we'd haveto have the failover router send it from the old router's LLA 14:45:17 <xuhanp> the old route is already dead, so how to do it. 14:45:50 <xuhanp> then it falls into the VRRP way. 14:46:02 <xuhanp> in VRRP the new router just send out the old LLA in RA 14:46:25 <aveiga> xuhanp: we're talking about a non-VRRP mode 14:46:39 <xuhanp> yes. but we are making the process more and more like VRRP process 14:47:03 <xuhanp> since it's invented to solve the same problems here 14:47:30 <aveiga> xuhanp: this would potentially let you go to DVR on the fly though :-P 14:47:48 <xuhanp> :-) 14:47:49 <aveiga> just spin up all the local gateways and take over the RA :) 14:49:15 <aveiga> so this is a good conversation and all, but is any of this work tied to a specific blueprint with a timeline? 14:49:36 <xuhanp> no. it's triggered by a bug 14:49:42 <xuhanp> since ARP doesn't work for IPv6. 14:49:43 <aveiga> ah, ok 14:50:18 <baoli> xuhanp, so are we saying that garp on router port will be taken care of by the higher level protocol? In other words, l3 agent doesn't need to send garp blindly. 14:50:38 <baoli> for ipv6 14:50:43 <xuhanp> for IPv4 I think that's useful 14:50:47 <aveiga> well, there's no garp for v6 14:50:51 <xuhanp> but for IPv6, seems not 14:50:55 <aveiga> so it's either a new RA or unsolicited NA 14:51:02 <xuhanp> yep 14:51:06 <baoli> aveiga, that's what I mean. 14:51:08 <aveiga> if it's an RA< then radvd does it normally 14:51:17 <aveiga> if it's NA, then we have to manually craft the packet 14:51:32 <xuhanp> unsolicited NA is useful if the LLA is not changed. 14:51:47 <xuhanp> it will have the same benefit as GARP. 14:51:56 <aveiga> if the LLA is not changed, then why do we need anything? 14:52:06 <aveiga> the MAC and the LLA aren't changing, so the route should still work 14:52:18 <aveiga> the DAD packet will update the switches 14:52:21 <xuhanp> the port could changed, so we need that for switch learning? 14:52:32 <xuhanp> that's my thoughts not 100% sure 14:53:03 <aveiga> unless we aren't waiting to instantiate the listener on the failover router 14:53:09 <aveiga> in which case, yes an NA is needed 14:53:18 <xuhanp> aveiga, yes. 14:54:33 <xuhanp> if LLA is changed, the unsolicited NA is useless after all, right? 14:55:12 <aveiga> if LLA is changed, then a new RA is required 14:55:17 <xuhanp> yep 14:55:20 <aveiga> which will cover for the NA as well 14:56:15 <xuhanp> I can leave these comments in code review and see other's opinions 14:56:27 <aveiga> +1 14:56:52 <baoli> xuhanp, there is ra dump facility you can use to see what would happen with the scenairos you mentioned, also tshark can help find out the packets sent to the network 14:57:17 <xuhanp> baoli, good to know. I will try that. 14:57:43 <baoli> xuhanp, that will help figured out if NA is needed 14:58:07 <xuhanp> baoli, ok 15:00:20 <sc68cal> Cool stuff everyone 15:00:23 <sc68cal> thanks for coming! 15:00:33 <sc68cal> until next week! 15:00:36 <sc68cal> #endmeeting