Merge release branch 4.9 to master

* 4.9:
  cleanup trailing space for checkstyle
  Expanded tests of RFC1918 and RFC6598 validation code.
  Allow CGN (RFC6598) to be used within a VPC
This commit is contained in:
Rajani Karuturi 2017-05-08 10:18:12 +05:30
commit 3f7fca02d4
3 changed files with 22 additions and 13 deletions

View File

@ -2213,7 +2213,7 @@ public class NetworkOrchestrator extends ManagerBase implements NetworkOrchestra
// Check if cidr is RFC1918 compliant if the network is Guest Isolated for IPv4 // Check if cidr is RFC1918 compliant if the network is Guest Isolated for IPv4
if (cidr != null && ntwkOff.getGuestType() == Network.GuestType.Isolated && ntwkOff.getTrafficType() == TrafficType.Guest) { if (cidr != null && ntwkOff.getGuestType() == Network.GuestType.Isolated && ntwkOff.getTrafficType() == TrafficType.Guest) {
if (!NetUtils.validateGuestCidr(cidr)) { if (!NetUtils.validateGuestCidr(cidr)) {
throw new InvalidParameterValueException("Virtual Guest Cidr " + cidr + " is not RFC1918 compliant"); throw new InvalidParameterValueException("Virtual Guest Cidr " + cidr + " is not RFC 1918 or 6598 compliant");
} }
} }

View File

@ -1147,22 +1147,26 @@ public class NetUtils {
// 10.0.0.0 - 10.255.255.255 (10/8 prefix) // 10.0.0.0 - 10.255.255.255 (10/8 prefix)
// 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) // 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
// 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) // 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
// RFC 6598 - The IETF detailed shared address space for use in ISP CGN
final String cidr1 = "10.0.0.0/8"; // deployments and NAT devices that can handle the same addresses occurring both on inbound and outbound interfaces.
final String cidr2 = "172.16.0.0/12"; // ARIN returned space to the IANA as needed for this allocation.
final String cidr3 = "192.168.0.0/16"; // The allocated address block is 100.64.0.0/10
final String[] allowedNetBlocks = {"10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10"};
if (!isValidCIDR(cidr)) { if (!isValidCIDR(cidr)) {
s_logger.warn("Cidr " + cidr + " is not valid"); s_logger.warn("Cidr " + cidr + " is not valid");
return false; return false;
} }
if (isNetworkAWithinNetworkB(cidr, cidr1) || isNetworkAWithinNetworkB(cidr, cidr2) || isNetworkAWithinNetworkB(cidr, cidr3)) { for (String block: allowedNetBlocks) {
return true; if (isNetworkAWithinNetworkB(cidr, block)) {
} else { return true;
s_logger.warn("cidr " + cidr + " is not RFC 1918 compliant"); }
return false;
} }
// not in allowedNetBlocks - return false
s_logger.warn("cidr " + cidr + " is not RFC 1918 or 6598 compliant");
return false;
} }
public static boolean verifyInstanceName(final String instanceName) { public static boolean verifyInstanceName(final String instanceName) {
@ -1171,7 +1175,6 @@ public class NetUtils {
s_logger.warn("Instance name can not contain hyphen, spaces and \"+\" char"); s_logger.warn("Instance name can not contain hyphen, spaces and \"+\" char");
return false; return false;
} }
return true; return true;
} }

View File

@ -314,9 +314,15 @@ public class NetUtilsTest {
@Test @Test
public void testValidateGuestCidr() throws Exception { public void testValidateGuestCidr() throws Exception {
final String guestCidr = "192.168.1.0/24"; final String[] validCidrs = {"10.1.1.1/16", "172.16.1.0/16", "192.168.1.0/24", "100.64.1.0/24"};
final String[] invalidCidrs = {"172.33.1.0/16", "100.128.1.0/10"};
assertTrue(NetUtils.validateGuestCidr(guestCidr)); for (String cidr: validCidrs) {
assertTrue(NetUtils.validateGuestCidr(cidr));
}
for (String cidr: invalidCidrs) {
assertFalse(NetUtils.validateGuestCidr(cidr));
}
} }
@Test @Test