yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1793094] Re: Router: add port doesn't take IP from allocation pool

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Brian Haley <1793094@xxxxxxxxxxxxxxxxxx>
Date: Mon, 24 Sep 2018 18:29:26 -0000
Reply-to: Bug 1793094 <1793094@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a duplicate of bug 1757482 ***
    https://bugs.launchpad.net/bugs/1757482

This looks like a duplicate of
https://bugs.launchpad.net/neutron/+bug/1757482 as I was unable to
reproduce it on master - trying to add the interface to the router got:

Error: Failed to add interface: Bad router request: Cannot add interface
to router because subnet e9b318e1-01af-49a1-90bc-ffe949a42e05 is not
owned by project making the request. Neutron server returns request_ids:
['req-19bdeea5-7460-4275-8ec1-65063da4084f']

That was fixed in master here:

commit 54aa6e81cb17b33ce4d5d469cc11dec2869c762d
Author: Miguel Lavalle <miguel.lavalle@xxxxxxxxxx>
Date:   Thu Jun 14 09:21:09 2018 -0500

    Disallow router interface out of subnet IP range
    
    Currently, a non privileged tenant can add a router interface to a
    shared / external network's subnet with an IP address outside the
    subnet's allocation pool, creating a security risk. This patch prevents
    tenants who are not the subnet's owner or admin from assigning a router
    interface an IP address outside the subnet's allocation pool.
    
    Change-Id: I32e76a83443dd8e7d79b396499747f29b4762e92
    Closes-Bug: #1757482

And backported to all stable releases.

** This bug has been marked a duplicate of bug 1757482
   IP address for a router interface allowed outside the allocation range of subnet

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1793094

Title:
  Router: add port doesn't take IP from allocation pool

Status in neutron:
  Triaged

Bug description:
  I have:

  - external network with /24 subnet with .1 as a gateway
  - allocation pool in this subnet (from .100 to .200)

  I, as a user:
  - create router without binding to external network
  - add port from external subnet

  I got an addr .1 (my gateway) on my new port.

  More:
  When I create a new router and new port in the other project, without cleaning up, neutron also gives me .1, but now it fails with error:  

  `Error: Failed to add interface: IP address x.x.x.1 already allocated
  in subnet....`

  When I create a router with binding to external network, I got IP from allocation pool (as expected).   
  Looks like there is an error in some checks when adding a new port.

  env :

  Ubuntu Xenial
  OS Queens
  neutron: 2:12.0.3-0ubuntu1~cloud0

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1793094/+subscriptions

References

[Bug 1793094] [NEW] Router: add port doesn't take IP from allocation pool
From: Crazik, 2018-09-18