Fix up the remaining DHCPv6 setup

node-daemon/pvcd/Daemon.py

@@ -71,11 +71,13 @@ import pvcd.CephInstance as CephInstance
 
 # Create timer to update this node in Zookeeper
 def startKeepaliveTimer():
-    global update_timer
+    # Create our timer object
+    update_timer = apscheduler.schedulers.background.BackgroundScheduler()
     interval = int(config['keepalive_interval'])
     logger.out('Starting keepalive timer ({} second interval)'.format(interval), state='s')
     update_timer.add_job(update_zookeeper, 'interval', seconds=interval)
     update_timer.start()
+    return update_timer
 
 def stopKeepaliveTimer():
     global update_timer
@@ -111,9 +113,6 @@ staticdata.append(subprocess.run(['uname', '-r'], stdout=subprocess.PIPE).stdout
 staticdata.append(subprocess.run(['uname', '-o'], stdout=subprocess.PIPE).stdout.decode('ascii').strip())
 staticdata.append(subprocess.run(['uname', '-m'], stdout=subprocess.PIPE).stdout.decode('ascii').strip())
 
-# Create our timer object
-update_timer = apscheduler.schedulers.background.BackgroundScheduler()
-
 # Config values dictionary
 config_values = [
     'coordinators',
@@ -288,13 +287,19 @@ except Exception as e:
 # Handle zookeeper failures
 def zk_listener(state):
     global zk_conn, update_timer
-    if state == kazoo.client.KazooState.SUSPENDED:
-        logger.out('Connection to Zookeeper lost; retrying', state='w')
+    if state == kazoo.client.KazooState.CONNECTED:
+        logger.out('Connection to Zookeeper restarted', state='o')
 
+        # Start keepalive thread
+        if update_timer:
+            update_timer = startKeepaliveTimer()
+    else:
         # Stop keepalive thread
         if update_timer:
             stopKeepaliveTimer()
 
+        logger.out('Connection to Zookeeper lost; retrying', state='w')
+
         while True:
             _zk_conn = kazoo.client.KazooClient(hosts=config['coordinators'])
             try:
@@ -303,14 +308,6 @@ def zk_listener(state):
                 break
             except:
                 time.sleep(1)
-    elif state == kazoo.client.KazooState.CONNECTED:
-        logger.out('Connection to Zookeeper restarted', state='o')
-
-        # Start keepalive thread
-        if update_timer:
-            update_timer = startKeepaliveTimer()
-    else:
-        pass
 zk_conn.add_listener(zk_listener)
 
 ###############################################################################
@@ -422,14 +419,14 @@ else:
 vni_dev = config['vni_dev']
 vni_dev_ip = config['vni_dev_ip']
 logger.out('Setting up VNI network on interface {} with IP {}'.format(vni_dev, vni_dev_ip), state='i')
-common.run_os_command('ip link set {} up'.format(vni_dev))
+common.run_os_command('ip link set {} mtu 9000 up'.format(vni_dev))
 common.run_os_command('ip address add {} dev {}'.format(vni_dev_ip, vni_dev))
 
 # Storage configuration
 storage_dev = config['storage_dev']
 storage_dev_ip = config['storage_dev_ip']
 logger.out('Setting up Storage network on interface {} with IP {}'.format(storage_dev, storage_dev_ip), state='i')
-common.run_os_command('ip link set {} up'.format(storage_dev))
+common.run_os_command('ip link set {} mtu 9000 up'.format(storage_dev))
 common.run_os_command('ip address add {} dev {}'.format(storage_dev_ip, storage_dev))
 
 # Upstream configuration
@@ -899,6 +896,11 @@ def update_zookeeper():
     else:
         ceph_health_colour = logger.fmt_red
 
+    # DNS aggregator retransfer
+    if this_node.router_state == 'primary':
+        for network in d_network: 
+            dns_aggregator.get_axfr(network)
+
     # Set ceph health information in zookeeper (primary only)
     if this_node.router_state == 'primary':
         # Get status info
@@ -1145,7 +1147,7 @@ def update_zookeeper():
 
 
 # Start keepalive thread and immediately update Zookeeper
-startKeepaliveTimer()
+update_timer = startKeepaliveTimer()
 update_zookeeper()
 
 # Tick loop; does nothing since everything else is async

node-daemon/pvcd/VXNetworkInstance.py

@@ -77,11 +77,13 @@ add rule inet filter {vxlannic}-in counter
 add rule inet filter {vxlannic}-out counter
 # Allow ICMP traffic into the router from network
 add rule inet filter input ip protocol icmp meta iifname {bridgenic} counter accept
+add rule inet filter input ip6 nexthdr icmpv6 meta iifname {bridgenic} counter accept
 # Allow DNS, DHCP, and NTP traffic into the router from network
 add rule inet filter input tcp dport 53 meta iifname {bridgenic} counter accept
 add rule inet filter input udp dport 53 meta iifname {bridgenic} counter accept
 add rule inet filter input udp dport 67 meta iifname {bridgenic} counter accept
 add rule inet filter input udp dport 123 meta iifname {bridgenic} counter accept
+add rule inet filter input ip6 nexthdr udp udp dport 547 meta iifname {bridgenic} counter accept
 # Block traffic into the router from network
 add rule inet filter input meta iifname {bridgenic} counter drop
 """.format(
@@ -151,11 +153,15 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
 
             if data and self.ip6_gateway != data.decode('ascii'):
                 orig_gateway = self.ip6_gateway
-                self.ip6_gateway = data.decode('ascii')
                 if self.this_node.router_state == 'primary':
                     if orig_gateway:
                         self.removeGateway6Address()
+                self.ip6_gateway = data.decode('ascii')
+                if self.this_node.router_state == 'primary':
                     self.createGateway6Address()
+                    if self.dhcp_server_daemon:
+                        self.stopDHCPServer()
+                        self.startDHCPServer()
 
         @self.zk_conn.DataWatch('/networks/{}/dhcp6_flag'.format(self.vni))
         def watch_network_dhcp_status(data, stat, event=''):
@@ -192,11 +198,15 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
 
             if data and self.ip4_gateway != data.decode('ascii'):
                 orig_gateway = self.ip4_gateway
-                self.ip4_gateway = data.decode('ascii')
                 if self.this_node.router_state == 'primary':
                     if orig_gateway:
                         self.removeGateway4Address()
+                self.ip4_gateway = data.decode('ascii')
+                if self.this_node.router_state == 'primary':
                     self.createGateway4Address()
+                    if self.dhcp_server_daemon:
+                        self.stopDHCPServer()
+                        self.startDHCPServer()
 
         @self.zk_conn.DataWatch('/networks/{}/dhcp4_flag'.format(self.vni))
         def watch_network_dhcp_status(data, stat, event=''):
@@ -380,12 +390,12 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
             )
         )
         common.run_os_command(
-            'ip link set {} up'.format(
+            'ip link set {} mtu 8800 up'.format(
                 self.vxlan_nic
             )
         )
         common.run_os_command(
-            'ip link set {} up'.format(
+            'ip link set {} mtu 8800 up'.format(
                 self.bridge_nic
             )
         )
@@ -435,13 +445,15 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
                 prefix='VNI {}'.format(self.vni),
                 state='o'
             )
+
             # Recreate the environment we need for dnsmasq
             pvcd_config_file = os.environ['PVCD_CONFIG_FILE']
             dhcp_environment = {
                 'DNSMASQ_BRIDGE_INTERFACE': self.bridge_nic,
                 'PVCD_CONFIG_FILE': pvcd_config_file
             }
-            # Define the dnsmasq config
+
+            # Define the dnsmasq config fragments
             dhcp_configuration_base = [
                 '--domain-needed',
                 '--bogus-priv',
@@ -454,9 +466,10 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
                 '--local=/{}/'.format(self.domain),
                 '--auth-zone={}'.format(self.domain),
                 '--log-facility=-',
+                '--log-dhcp',
                 '--keep-in-foreground',
                 '--leasefile-ro',
-                '--auth-soa=1,pvc@localhost,10,10',
+#                '--auth-soa=1,pvc@localhost,10,10',
                 '--dhcp-script={}/pvcd/dnsmasq-zookeeper-leases.py'.format(os.getcwd()),
                 '--dhcp-hostsdir={}'.format(self.dnsmasq_hostsdir),
                 '--bind-interfaces',
@@ -474,15 +487,28 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
                 '--listen-address={}'.format(self.ip6_gateway),
                 '--auth-peer={}'.format(self.ip6_gateway),
                 '--auth-sec-servers={}'.format(self.ip6_gateway),
-                '--dhcp-option=option6:ntp-server,{}'.format(self.ip6_gateway),
+                '--dhcp-option=option6:dns-server,{}'.format(self.ip6_gateway),
+                '--dhcp-option=option6:sntp-server,{}'.format(self.ip6_gateway),
+            ]
+            dhcp_configuration_v6_dualstack = [
                 '--dhcp-range=net:{nic},::,constructor:{nic},ra-stateless,ra-names'.format(nic=self.bridge_nic),
                 '--enable-ra',
             ]
+            dhcp_configuration_v6_only = [
+                '--dhcp-range=net:{nic},::2,::ffff:ffff:ffff:ffff,constructor:{nic},64,24h'.format(nic=self.bridge_nic),
+            ]
+
+            # Assemble the DHCP configuration
             dhcp_configuration = dhcp_configuration_base
             if self.dhcp4_flag:
                 dhcp_configuration += dhcp_configuration_v4 
             if self.dhcp6_flag:
                 dhcp_configuration += dhcp_configuration_v6
+                if self.dhcp4_flag:
+                    dhcp_configuration += dhcp_configuration_v6_dualstack
+                else:
+                    dhcp_configuration += dhcp_configuration_v6_only
+
             # Start the dnsmasq process in a thread
             print('/usr/sbin/dnsmasq {}'.format(' '.join(dhcp_configuration)))
             self.dhcp_server_daemon = common.run_os_daemon(