lxd/network/driver_ovn: allow subnets smaller than /64

We can allow IPv6 subnets smaller than /64 for the case when stateful DHCPv6 is used or DHCP is completely disabled. Suggested-by: Thomas Parrott <thomas.parrott@canonical.com> Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com> (cherry picked from commit 48451e8)
tomponline · Oct 18, 2024 · b87a91f · b87a91f
1 parent d0aabb2
commit b87a91f
Showing 1 changed file with 12 additions and 7 deletions.
diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
@@ -341,13 +341,18 @@ func (n *ovn) Validate(config map[string]string) error {
 		return err
 	}
 
-	// Check that if IPv6 enabled then the network size must be at least a /64 as both RA and DHCPv6
-	// in OVN (as it generates addresses using EUI64) require at least a /64 subnet to operate.
-	_, ipv6Net, _ := net.ParseCIDR(config["ipv6.address"])
-	if ipv6Net != nil {
-		ones, _ := ipv6Net.Mask.Size()
-		if ones > 64 {
-			return fmt.Errorf("IPv6 subnet must be at least a /64")
+	// Peform composite key checks after per-key validation.
+
+	// Check that if stateless DHCPv6 is enabled and IPv6 subnet is set then the network size
+	// must be at least a /64 as both RA and DHCPv6 in OVN (as it generates addresses using EUI64)
+	// require at least a /64 subnet to operate.
+	if shared.IsTrueOrEmpty(config["ipv6.dhcp"]) && shared.IsFalseOrEmpty(config["ipv6.dhcp.stateful"]) {
+		_, ipv6Net, _ := net.ParseCIDR(config["ipv6.address"])
+		if ipv6Net != nil {
+			ones, _ := ipv6Net.Mask.Size()
+			if ones > 64 {
+				return fmt.Errorf("IPv6 subnet must be at least a /64 when stateless DHCPv6 is enabled")
+			}
 		}
 	}