[config] Add more IP address validation checks #626
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* /32(IPv4) and /128(IPv6) networks only allowed on Loopback interfaces * Newly added IP address shouldn't overlap with existing subnet
jleveque
suggested changes
Sep 6, 2019
|
Retest this please |
|
Id like to see this added. its a nice safety check |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
- What I did
The below two cases will cause swss crash:
This is because duplicated route is added to SAI and it returns fail and cause swss raises exception.
Two checks are added when config IP on interface:
- How I did it
Perform validation checks in CLI configuration functions. Throw error if check fail.
- How to verify it
Use "config interface ip add/remove" commands to test. Config with invalid IP address should see error and vice versa.
- Previous command output (if the output of a command-line utility has changed)
Config /32(IPv4) or /128(IPv6) address:
admin@sonic:$sudo config interface ip add Ethernet0 1.1.1.1/32
swss crash and error messages logged in /var/log/syslog:
Nov 5 18:31:33.082312 sonic ERR swss#orchagent: :- addIp2MeRoute: Failed to create IP2me route ip:4.4.4.4, rv:-6
Nov 5 18:31:33.082440 sonic INFO swss#supervisord: orchagent terminate called after throwing an instance of 'std::runtime_error'
Config overlapped subnets:
admin@sonic:$ sudo config interface ip add Ethernet0 10.1.1.1/24
admin@sonic:$ sudo config interface ip add Ethernet1 10.1.1.2/24
swss crash and error messages logged in /var/log/syslog:
Nov 5 19:31:52.459171 sonic ERR swss#orchagent: :- addSubnetRoute: Failed to create subnet route to 10.1.1.2/24 from Ethernet4, rv:-6
Nov 5 19:31:52.459855 sonic INFO swss#supervisord: orchagent terminate called after throwing an instance of 'std::runtime_error'
- New command output (if the output of a command-line utility has changed)
Config /32(IPv4) or /128(IPv6) address:
admin@sonic:$sudo config interface ip add Ethernet0 1.1.1.1/32
Usage: config interface ip add [OPTIONS] <interface_name> <ip_addr>
Error: Bad mask /32 for IP address 1.1.1.1/32
admin@sonic:$sudo config interface ip add Ethernet0 2019::1/128
Usage: config interface ip add [OPTIONS] <interface_name> <ip_addr>
Error: Bad mask /128 for IP address 2019::1/128
Config overlapped subnets:
admin@sonic:$ sudo config interface ip add Ethernet0 10.1.1.1/24
admin@sonic:$ sudo config interface ip add Ethernet1 10.1.1.2/24
Usage: config interface ip add [OPTIONS] <interface_name> <ip_addr>
Error: IP address 10.1.1.2/24 overlaps with existing subnet
-->