← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1367060] [NEW] nova network-create allows invalid fixed-ip creation

 

Public bug reported:

Creating a network with 'nova network-create' allows the creation of
fixed-ips that fall outside the fixed-range-v4, resulting in invalid
fixed IPs.

To recreate:
Create a network with network-create that contains a fixed-cidr that falls outside the fixed-range-v4.

Actual outcome:
If the user runs the following command
nova network-create vmnet --fixed-range-v4 10.1.0.0/24 --fixed-cidr 10.20.0.0/16 --bridge br-100

This command succeeds, and creates invalid fixed IPs which can be
retrieved with 'nova fixed-ip-get', for example:

nova fixed-ip-get 10.20.0.1

+-----------+-------------+----------+------+
| address   | cidr        | hostname | host |
+-----------+-------------+----------+------+
| 10.20.0.1 | 10.1.0.0/24 | -        | -    |
+-----------+-------------+----------+------+

This address falls outside the cidr, so is invalid.

Desired outcome:
Nova network-create should verify that the fixed-cidr is a subset of fixed-range-v4, if the fixed-cidr falls outside of the fixed-range-v4 the command should fail with an error, such as "ERROR: fixed-cidr must be a subset of fixed-range-v4".

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1367060

Title:
  nova network-create allows invalid fixed-ip creation

Status in OpenStack Compute (Nova):
  New

Bug description:
  Creating a network with 'nova network-create' allows the creation of
  fixed-ips that fall outside the fixed-range-v4, resulting in invalid
  fixed IPs.

  To recreate:
  Create a network with network-create that contains a fixed-cidr that falls outside the fixed-range-v4.

  Actual outcome:
  If the user runs the following command
  nova network-create vmnet --fixed-range-v4 10.1.0.0/24 --fixed-cidr 10.20.0.0/16 --bridge br-100

  This command succeeds, and creates invalid fixed IPs which can be
  retrieved with 'nova fixed-ip-get', for example:

  nova fixed-ip-get 10.20.0.1

  +-----------+-------------+----------+------+
  | address   | cidr        | hostname | host |
  +-----------+-------------+----------+------+
  | 10.20.0.1 | 10.1.0.0/24 | -        | -    |
  +-----------+-------------+----------+------+

  This address falls outside the cidr, so is invalid.

  Desired outcome:
  Nova network-create should verify that the fixed-cidr is a subset of fixed-range-v4, if the fixed-cidr falls outside of the fixed-range-v4 the command should fail with an error, such as "ERROR: fixed-cidr must be a subset of fixed-range-v4".

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1367060/+subscriptions


Follow ups

References