neutron

Neutron should disallow a CIDR of /32

Bug #1271311 reported by Paul Ward
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Invalid
Undecided
Paul Ward

Bug Description

NeutronDbPluginV2._validate_allocation_pools() currently does basic checks to be sure you don't have an invalid subnet specified. However, one thing missing is checking for a CIDR of /32. Such a subnet would only have one valid IP in it, which would be consumed by the gateway, thus making this network a dead network since no IPs are left over to be allocated to VMs.

I propose a change to disallow start_ip == end_ip in NeutronDbPluginV2._validate_allocation_pools() to cover the CIDR of /32 case.

Paul Ward (wpward)
Changed in neutron:
assignee: nobody → Paul Ward (wpward)
Revision history for this message
Amir Sadoughi (amir-sadoughi) wrote :

It is possible to have a subnet without a gateway. e.g. --no-gateway in neutronclient subnet-create.

Revision history for this message
Paul Ward (wpward) wrote :

Ok... is it useful to have a VM on a single IP subnet with no gateway though?

Revision history for this message
Carl Baldwin (carl-baldwin) wrote :

It isn't the job of the _validate_allocation_pools method to validate the subnet. Perhaps you are looking for a different validation method.

Revision history for this message
Paul Ward (wpward) wrote :

Thanks for your input, Carl. You're right, it seems the more appropriate place for this is _validate_subnet(). It checks ip version, gateway, etc... but not the size of the subnet.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/68742

Changed in neutron:
status: New → In Progress
Revision history for this message
Paul Ward (wpward) wrote :

It's been decided to abandon this fix because it's preventing something that, while not useful, is technically "ok". The better place for this fix would be in the UI as a hint to the user.

For more info: http://lists.openstack.org/pipermail/openstack-dev/2014-January/025385.html

Changed in neutron:
status: In Progress → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.