Thanks Slawek, all for commenting on this bug, and bringing it up in IRC. I have some questions:
* If we choose to fix it in OVN, do we have an idea what other drivers are impacted? So far I have only managed to test linuxbridge, midonet and OVN
* With above fix, could there be some drivers that, after coercing two SG rules to be identical, will throw an error when inserting duplicate rules?
* If we choose the new (optional) API extension fix, is it possible that it be an extension that accepts 'right'/'strict' CIDRs only? Disabled by default means no API behaviour change.
As an operator, my personal ordered preferences will be
1. Do not allow a user to make mistake
2. Warn the user if they make a mistake
Of course, I understand there might be technical considerations like not breaking API.
Thanks Slawek, all for commenting on this bug, and bringing it up in IRC. I have some questions:
* If we choose to fix it in OVN, do we have an idea what other drivers are impacted? So far I have only managed to test linuxbridge, midonet and OVN
* With above fix, could there be some drivers that, after coercing two SG rules to be identical, will throw an error when inserting duplicate rules?
* If we choose the new (optional) API extension fix, is it possible that it be an extension that accepts 'right'/'strict' CIDRs only? Disabled by default means no API behaviour change.
As an operator, my personal ordered preferences will be
1. Do not allow a user to make mistake
2. Warn the user if they make a mistake
Of course, I understand there might be technical considerations like not breaking API.