Ticket: CM-11511
Reviewed By: CCR-4890
Testing Done: Used "address-virtual" keyword to create VRR interface with IPv6
address. Checked sysctl and dad failures.
In a VRR setup, both switches are programmed with the same IPv6 address and that
address is active on both switches. This causes the IPv6 duplicate address
detection to kick in and diable the use of one of the address on one of the
switches. This patch causes duplicate address detection to be disabled on VRR
interfaces by setting the net.ipv6.conf.<ifname>.accept_dad and
net.ipv6.conf.<ifname>.dad_transmits sysctl's to 0. The only IPv6 addresses
which are defined on these interfaces are the virtual addresses and the link
local address (which is unused). No other operational IPv6 addresses should ever
be assigned to these interfaces. Instead, operational IPv6 addresses should be
assigned to the "base", or lower, interface of the VRR interface.
if lower_iface_mtu and lower_iface_mtu != self.ipcmd.link_get_mtu(macvlan_ifacename):
self.ipcmd.link_set_mtu(macvlan_ifacename, lower_iface_mtu)
+ # Disable IPv6 duplicate address detection on VRR interfaces
+ for key, sysval in { 'accept_dad' : '0', 'dad_transmits' : '0' }.iteritems():
+ syskey = 'net.ipv6.conf.%s.%s' % (macvlan_ifacename, key)
+ if self.sysctl_get(syskey) != sysval:
+ self.sysctl_set(syskey, sysval)
+
av_idx += 1
self.ipcmd.batch_commit()