
Oracle datasource: secondary VNICs should use DHCP + routing-policy like EC2 #6844

@qm3ster

On OCI, secondary VNICs currently get static-only config. This means:

  • Only ipv6Addresses[0] is configured; additional IPv6 addresses are dropped (DHCPv6 gets enabled only on no-IPv4 primaries, which does yield all configured addresses)
  • No routing-policy rules, so outbound traffic from secondary VNIC IPs exits the primary interface and gets dropped by OCI's anti-spoofing (this affects IPv4 and IPv6)
  • Users must hand-write a second netplan file for routes, routing-policy, and additional IPs

Tested on VM.Standard.A1.Flex (Ubuntu 22.04, 24.04):

  • OCI does not serve DHCPv4 on secondary VNICs (tested on multiple instances, no response)
  • OCI serves DHCPv6 on all VNICs — secondary VNICs get all assigned IPv6 addresses automatically
  • OCI's IMDS reports all IPv4 and IPv6 addresses per VNIC, plus subnet CIDRs
  • Routing-policy (from: <ip>, table: <N>) is required for secondary VNICs or outbound traffic is dropped

The EC2 datasource already handles all of this (DataSourceEc2.py:1065-1186):

  • dhcp4: true on every NIC, not just primary
  • dhcp6: true when IPv6 addresses exist
  • Per-IP routing-policy rules on non-primary NICs with table: 100 + nic_idx
  • Additional static addresses via get_secondary_addresses()
  • Single-NIC cleanup (strips unnecessary overrides)

Oracle's datasource could follow the same pattern, adapted for OCI's DHCP behavior (no DHCPv4 on secondary, DHCPv6 on all).

We have a working v2-based implementation locally. Happy to PR if there's interest.
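
Added example (not from the issue author and not cloud-init code): a netplan v2 rendering of the behaviour requested above, with no DHCPv4 on secondary VNICs, DHCPv6 wherever IPv6 addresses exist, and one routing-policy rule per address using table 100 + NIC index. The function name, the `vnicN` keys, the IMDS field names and the sample records are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample, shaped like OCI IMDS VNIC records; field names are assumptions.
SAMPLE_VNICS = [
    {"macAddr": "02:00:17:00:00:01", "privateIp": "10.0.0.10",
     "subnetCidrBlock": "10.0.0.0/24", "virtualRouterIp": "10.0.0.1"},
    {"macAddr": "02:00:17:00:00:02", "privateIp": "10.0.1.20",
     "subnetCidrBlock": "10.0.1.0/24", "virtualRouterIp": "10.0.1.1",
     "ipv6Addresses": ["2001:db8:0:1::a", "2001:db8:0:1::b"],
     "ipv6VirtualRouterIp": "fe80::1"},
]


def build_netplan(vnics):
    """Return a netplan v2 dict; vnics[0] is treated as the primary VNIC."""
    ethernets = {}
    for idx, vnic in enumerate(vnics):
        primary = idx == 0
        v6_addrs = vnic.get("ipv6Addresses", [])
        cfg = {
            "match": {"macaddress": vnic["macAddr"].lower()},
            # No DHCPv4 answer on secondary VNICs, so only the primary asks.
            "dhcp4": primary,
            # DHCPv6 hands out every assigned IPv6 address on any VNIC.
            "dhcp6": bool(v6_addrs),
        }
        if not primary:
            table = 100 + idx  # same numbering the issue cites for EC2
            prefix = ipaddress.ip_network(vnic["subnetCidrBlock"]).prefixlen
            cfg["addresses"] = [f"{vnic['privateIp']}/{prefix}"]
            cfg["routes"] = [
                {"to": "0.0.0.0/0", "via": vnic["virtualRouterIp"], "table": table}
            ]
            if v6_addrs and vnic.get("ipv6VirtualRouterIp"):
                cfg["routes"].append(
                    {"to": "::/0", "via": vnic["ipv6VirtualRouterIp"], "table": table}
                )
            # One source-based rule per address so replies leave via this VNIC.
            cfg["routing-policy"] = [
                {"from": ip, "table": table} for ip in [vnic["privateIp"], *v6_addrs]
            ]
        ethernets[f"vnic{idx}"] = cfg
    return {"network": {"version": 2, "ethernets": ethernets}}


if __name__ == "__main__":
    import json
    print(json.dumps(build_netplan(SAMPLE_VNICS), indent=2))
```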
