CLOUDSTACK-4622:If a VM from guest network is added to network tier of VPC then IP reservation allows the CIDR to be a superset of Network CIDR for that VPC tier

Signed-off-by: Jayapal <jayapal@apache.org>
2025-12-16 18:43:26 +01:00 · 2013-09-13 14:45:35 +05:30 · 2013-09-13 14:45:35 +05:30 · ab4f095c68
commit ab4f095c68
parent 1a033eddae
2 changed files with 36 additions and 2 deletions
--- a/utils/src/com/cloud/utils/net/NetUtils.java
+++ b/utils/src/com/cloud/utils/net/NetUtils.java
@ -837,13 +837,32 @@ public class NetUtils {
    }

    public static boolean isNetworkAWithinNetworkB(String cidrA, String cidrB) {
+        // This utility returns true if IP range of cidrA is same or lies completely in cidrB
+        // Returns true if networkA is same as networkB or networkA is a subset of networkB
        Long[] cidrALong = cidrToLong(cidrA);
        Long[] cidrBLong = cidrToLong(cidrB);
        if (cidrALong == null || cidrBLong == null) {
            return false;
        }
-        long shift = 32 - cidrBLong[1];
-        return ((cidrALong[0] >> shift) == (cidrBLong[0] >> shift));
+        if (isSameIpRange(cidrA, cidrB)) {
+            return true;
+        }
+        String[] cidrPairFirst = cidrA.split("\\/");
+        String[] cidrPairSecond = cidrB.split("\\/");
+
+        Long networkSizeFirst = Long.valueOf(cidrPairFirst[1]);
+        Long networkSizeSecond = Long.valueOf(cidrPairSecond[1]);
+        String ipRangeFirst [] = NetUtils.getIpRangeFromCidr(cidrPairFirst[0], networkSizeFirst);
+        String ipRangeSecond [] = NetUtils.getIpRangeFromCidr(cidrPairFirst[0], networkSizeSecond);
+
+        long startIpFirst = NetUtils.ip2Long(ipRangeFirst[0]);
+        long endIpFirst = NetUtils.ip2Long(ipRangeFirst[1]);
+        long startIpSecond = NetUtils.ip2Long(ipRangeSecond[0]);
+        long endIpSecond = NetUtils.ip2Long(ipRangeSecond[1]);
+
+        if((startIpFirst >= startIpSecond) && (endIpFirst <= endIpSecond))
+            return true;
+        return false;
    }

    public static Long[] cidrToLong(String cidr) {
--- a/utils/test/com/cloud/utils/net/NetUtilsTest.java
+++ b/utils/test/com/cloud/utils/net/NetUtilsTest.java
@ -174,4 +174,19 @@ public class NetUtilsTest extends TestCase {
    public void testGetLocalIPString() {
        assertNotNull(NetUtils.getLocalIPString());
    }
+
+    public void testSubnet() {
+        //Test to check if a cidr is a part of another cidr
+        //Test 2 same cidrs
+        assertTrue(NetUtils.isNetworkAWithinNetworkB("10.1.1.0/25", "10.1.1.0/25"));
+        //Tests when cidrA is smaller than cidrB
+        assertTrue(NetUtils.isNetworkAWithinNetworkB("10.1.1.0/26", "10.1.1.0/25"));
+        assertTrue(NetUtils.isNetworkAWithinNetworkB("10.1.1.0/25", "10.1.1.0/24"));
+        assertTrue(NetUtils.isNetworkAWithinNetworkB("10.1.1.0/23", "10.1.1.0/22"));
+        assertTrue(NetUtils.isNetworkAWithinNetworkB("192.168.0.0/16" , "192.168.0.0/15"));
+        //Tests when cidrA is larger than cidrB
+        assertFalse(NetUtils.isNetworkAWithinNetworkB("10.1.1.0/26", "10.1.1.0/27"));
+        assertFalse(NetUtils.isNetworkAWithinNetworkB("10.1.1.0/24", "10.1.1.0/25"));
+        assertFalse(NetUtils.isNetworkAWithinNetworkB("10.1.1.0/22", "10.1.1.0/23"));
+    }
 }