L3Policy check for subnet-prefix-length smaller than pool subnet
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Group Based Policy |
Fix Released
|
Medium
|
Krishna Kothapalli |
Bug Description
L3Policy can be created with a subnet-
If this L3Policy is now referred inside a L2Policy which in turn used to create a PTG, then PTG creation will fail due failure in creating a subnet
"NoSubnetAvailable: No subnet is available from l3 policy's pool."
Find the sequence of steps:
=======
test@localhost:
Created a new l3_policy:
+------
| Field | Value |
+------
| description | |
| external_segments | {} |
| id | f4c7258d-
| ip_pool | 1.1.1.0/24 |
| ip_version | 4 |
| l2_policies | |
| name | b |
| routers | 0d234a6a-
| shared | False |
| subnet_
| tenant_id | b3094e3ded7e4d6
+------
test@localhost:
test@localhost:
test@localhost:
Created a new l2_policy:
+------
| Field | Value |
+------
| description | |
| id | 53c6c47c-
| l3_policy_id | f4c7258d-
| name | new |
| network_id | a12f6d59-
| policy_
| shared | False |
| tenant_id | b3094e3ded7e4d6
+------
test@localhost:
test@localhost:
Service Unavailable (HTTP 503) (Request-ID: req-3f88174f-
test@localhost:
tags: | added: juno-backport-potential |
Changed in group-based-policy: | |
status: | Fix Committed → Fix Released |
The fix for this is that the subnet- prefix- length should never be allowed to be more than what can be accommodated in the ip_pool. There is a TODO in the code for this: /github. com/stackforge/ group-based- policy/ blob/master/ gbpservice/ neutron/ db/grouppolicy/ group_policy_ db.py#L1031- L1040
https:/