← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #08315

[Bug 1269926] [NEW] ML2 vlan type driver does not honor network_vlan_ranges

  Thread PreviousDate PreviousThread Next 
Public bug reported:

I have the following configuration entry in
/etc/neutron/plugins/ml2/ml2_conf.ini:

[ml2_type_vlan]
network_vlan_ranges = default:1:4093

However, creating a new network with a segmentation_id of 4094 is NOT
prevented.

In looking at type_vlan.py
(https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/type_vlan.py),
I see validate_provider_segment() does no enforcement of the vlan ranges
specified in network_vlan_ranges.  It does validate that the physical
network name is defined, that the segmentation_id specified is in the
entire list of valid vlans, but it doesn't check against the actual
range defined in ml2_conf.ini.

I propose a fix of simply checking the network segment's segmentation_id
against the network_vlan_ranges defined range, which has been populated
into the self.network_vlan_ranges dictionary in TypeVlanDriver.  If the
segmentation_id is out of the range, then raise an InvalidInput
exception as is already done for other violations.

** Affects: neutron
     Importance: Undecided
     Assignee: Paul Ward (wpward)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => Paul Ward (wpward)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1269926

Title:
  ML2 vlan type driver does not honor network_vlan_ranges

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  I have the following configuration entry in
  /etc/neutron/plugins/ml2/ml2_conf.ini:

  [ml2_type_vlan]
  network_vlan_ranges = default:1:4093

  However, creating a new network with a segmentation_id of 4094 is NOT
  prevented.

  In looking at type_vlan.py
  (https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/type_vlan.py),
  I see validate_provider_segment() does no enforcement of the vlan
  ranges specified in network_vlan_ranges.  It does validate that the
  physical network name is defined, that the segmentation_id specified
  is in the entire list of valid vlans, but it doesn't check against the
  actual range defined in ml2_conf.ini.

  I propose a fix of simply checking the network segment's
  segmentation_id against the network_vlan_ranges defined range, which
  has been populated into the self.network_vlan_ranges dictionary in
  TypeVlanDriver.  If the segmentation_id is out of the range, then
  raise an InvalidInput exception as is already done for other
  violations.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1269926/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next