Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enhance ExternalIPPool validation #5842

Closed
tnqn opened this issue Jan 4, 2024 · 3 comments · Fixed by #5898
Closed

Enhance ExternalIPPool validation #5842

tnqn opened this issue Jan 4, 2024 · 3 comments · Fixed by #5898
Assignees
Labels
good first issue Good for newcomers kind/bug Categorizes issue or PR as related to a bug.

Comments

@tnqn
Copy link
Member

tnqn commented Jan 4, 2024

Describe the bug

  1. When startIP and endIP are provided, startIP must <= endIP.
  2. When startIP and endIP are provided, they must be IPv4 or IPv6 at the same time.
  3. All IPRanges of ExternalIPPools must not overlap.
@tnqn tnqn added good first issue Good for newcomers kind/bug Categorizes issue or PR as related to a bug. labels Jan 4, 2024
@aroradaman
Copy link
Contributor

/assign

@aroradaman
Copy link
Contributor

When startIP and endIP are provided, they must be IPv4 or IPv6 at the same time.

return fmt.Sprintf("IP range %s-%s must be a strict subset of the subnet", ipRange.Start, ipRange.End), false

covers the case of mismatched IP families.

Do you think we can skip this one or need an explicit IP family mismatch error?

@tnqn
Copy link
Member Author

tnqn commented Jan 20, 2024

@aroradaman Thanks for working on it.

When startIP and endIP are provided, they must be IPv4 or IPv6 at the same time.

return fmt.Sprintf("IP range %s-%s must be a strict subset of the subnet", ipRange.Start, ipRange.End), false

covers the case of mismatched IP families.
Do you think we can skip this one or need an explicit IP family mismatch error?

The above check is only performed when subnetInfo is provided, which is an optional field, we still need to ensure the following input is denied (no subnetInfo is provided):

if subnetInfo == nil {
return "", true
}

apiVersion: crd.antrea.io/v1alpha2
kind: ExternalIPPool
metadata:
  name: prod-external-ip-pool2
spec:
  ipRanges:
  - start: 172.18.1.10
    end: 2001:db8::2:3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue Good for newcomers kind/bug Categorizes issue or PR as related to a bug.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants