mirror of https://github.com/apache/cloudstack.git
in one zone, Admin should not be allowed to add a Shared Network with a subnet that is already associated with another Vlan.
This commit is contained in:
Anthony Xu
parent
8a6892d542
commit
04cdd90a84
|
|
@ -2978,30 +2978,16 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
|||
}
|
||||
|
||||
if (ipv4) {
|
||||
String newVlanSubnet = NetUtils.getSubNet(vlanGateway, vlanNetmask);
|
||||
String newCidr = NetUtils.getCidrFromGatewayAndNetmask(vlanGateway, vlanNetmask);
|
||||
|
||||
// Check if the new VLAN's subnet conflicts with the guest network
|
||||
// in
|
||||
// the specified zone (guestCidr is null for basic zone)
|
||||
String guestNetworkCidr = zone.getGuestNetworkCidr();
|
||||
if (guestNetworkCidr != null) {
|
||||
String[] cidrPair = guestNetworkCidr.split("\\/");
|
||||
String guestIpNetwork = NetUtils.getIpRangeStartIpFromCidr(cidrPair[0], Long.parseLong(cidrPair[1]));
|
||||
long guestCidrSize = Long.parseLong(cidrPair[1]);
|
||||
long vlanCidrSize = NetUtils.getCidrSize(vlanNetmask);
|
||||
|
||||
long cidrSizeToUse = -1;
|
||||
if (vlanCidrSize < guestCidrSize) {
|
||||
cidrSizeToUse = vlanCidrSize;
|
||||
} else {
|
||||
cidrSizeToUse = guestCidrSize;
|
||||
}
|
||||
|
||||
String guestSubnet = NetUtils.getCidrSubNet(guestIpNetwork, cidrSizeToUse);
|
||||
|
||||
if (newVlanSubnet.equals(guestSubnet)) {
|
||||
if ( guestNetworkCidr != null ) {
|
||||
if (NetUtils.isNetworksOverlap(newCidr, guestNetworkCidr)) {
|
||||
throw new InvalidParameterValueException(
|
||||
"The new IP range you have specified has the same subnet as the guest network in zone: "
|
||||
"The new IP range you have specified has overlapped with the guest network in zone: "
|
||||
+ zone.getName() + ". Please specify a different gateway/netmask.");
|
||||
}
|
||||
}
|
||||
|
|
@ -3009,29 +2995,36 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
|||
// Check if there are any errors with the IP range
|
||||
checkPublicIpRangeErrors(zoneId, vlanId, vlanGateway, vlanNetmask, startIP, endIP);
|
||||
|
||||
// Throw an exception if any of the following is true:
|
||||
// 1. Another VLAN in the same zone has a different tag but the same
|
||||
// subnet as the new VLAN. Make an exception for the
|
||||
// case when both vlans are Direct.
|
||||
// 2. Another VLAN in the same zone that has the same tag and subnet
|
||||
// as
|
||||
// the new VLAN has IPs that overlap with the IPs
|
||||
// being added
|
||||
// 3. Another VLAN in the same zone that has the same tag and subnet
|
||||
// as
|
||||
// the new VLAN has a different gateway than the
|
||||
// new VLAN
|
||||
// 4. If VLAN is untagged and Virtual, and there is existing
|
||||
// UNTAGGED
|
||||
// vlan with different subnet
|
||||
// Throw an exception if this subnet overlaps with subnet on other VLAN,
|
||||
// if this is ip range extension, gateway, network mask should be same and ip range should not overlap
|
||||
|
||||
List<VlanVO> vlans = _vlanDao.listByZone(zone.getId());
|
||||
for (VlanVO vlan : vlans) {
|
||||
String otherVlanGateway = vlan.getVlanGateway();
|
||||
String otherVlanNetmask = vlan.getVlanNetmask();
|
||||
// Continue if it's not IPv4
|
||||
if (otherVlanGateway == null) {
|
||||
if ( otherVlanGateway == null || otherVlanNetmask == null ) {
|
||||
continue;
|
||||
}
|
||||
String otherVlanSubnet = NetUtils.getSubNet(vlan.getVlanGateway(), vlan.getVlanNetmask());
|
||||
if ( vlan.getNetworkId() == null ) {
|
||||
continue;
|
||||
}
|
||||
String otherCidr = NetUtils.getCidrFromGatewayAndNetmask(otherVlanGateway, otherVlanNetmask);
|
||||
if( !NetUtils.isNetworksOverlap(newCidr, otherCidr)) {
|
||||
continue;
|
||||
}
|
||||
// from here, subnet overlaps
|
||||
if ( !vlanId.equals(vlan.getVlanTag()) ) {
|
||||
throw new InvalidParameterValueException("The IP range with tag: " + vlan.getVlanTag()
|
||||
+ " in zone " + zone.getName()
|
||||
+ " has overlapped with the subnet. Please specify a different gateway/netmask.");
|
||||
}
|
||||
if ( vlan.getNetworkId() != networkId) {
|
||||
throw new InvalidParameterValueException("This subnet is overlapped with subnet in other network " + vlan.getNetworkId()
|
||||
+ " in zone " + zone.getName()
|
||||
+ " . Please specify a different gateway/netmask.");
|
||||
|
||||
}
|
||||
String[] otherVlanIpRange = vlan.getIpRange().split("\\-");
|
||||
String otherVlanStartIP = otherVlanIpRange[0];
|
||||
String otherVlanEndIP = null;
|
||||
|
|
@ -3039,34 +3032,15 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
|||
otherVlanEndIP = otherVlanIpRange[1];
|
||||
}
|
||||
|
||||
if (forVirtualNetwork && !vlanId.equals(vlan.getVlanTag()) && newVlanSubnet.equals(otherVlanSubnet)
|
||||
&& !allowIpRangeOverlap(vlan, forVirtualNetwork, networkId)) {
|
||||
throw new InvalidParameterValueException("The IP range with tag: " + vlan.getVlanTag()
|
||||
+ " in zone " + zone.getName()
|
||||
+ " has the same subnet. Please specify a different gateway/netmask.");
|
||||
//extend IP range
|
||||
if (!vlanGateway.equals(otherVlanGateway) || !vlanNetmask.equals(vlan.getVlanNetmask())) {
|
||||
throw new InvalidParameterValueException("The IP range has already been added with gateway "
|
||||
+ otherVlanGateway + " ,and netmask " + otherVlanNetmask
|
||||
+ ", Please specify the gateway/netmask if you want to extend ip range" );
|
||||
}
|
||||
|
||||
boolean vlansUntaggedAndVirtual = (vlanId.equals(Vlan.UNTAGGED) && vlanId.equals(vlan.getVlanTag())
|
||||
&& forVirtualNetwork && vlan.getVlanType() == VlanType.VirtualNetwork);
|
||||
|
||||
if (vlansUntaggedAndVirtual && !newVlanSubnet.equals(otherVlanSubnet)) {
|
||||
throw new InvalidParameterValueException(
|
||||
"The Untagged ip range with different subnet already exists in zone " + zone.getId());
|
||||
}
|
||||
|
||||
if (vlanId.equals(vlan.getVlanTag()) && newVlanSubnet.equals(otherVlanSubnet)) {
|
||||
if (NetUtils.ipRangesOverlap(startIP, endIP, otherVlanStartIP, otherVlanEndIP)) {
|
||||
throw new InvalidParameterValueException(
|
||||
"The IP range with tag: "
|
||||
+ vlan.getVlanTag()
|
||||
+ " already has IPs that overlap with the new range. Please specify a different start IP/end IP.");
|
||||
}
|
||||
|
||||
if (!vlanGateway.equals(otherVlanGateway)) {
|
||||
throw new InvalidParameterValueException("The IP range with tag: " + vlan.getVlanTag()
|
||||
+ " has already been added with gateway " + otherVlanGateway
|
||||
+ ". Please specify a different tag.");
|
||||
}
|
||||
if (NetUtils.ipRangesOverlap(startIP, endIP, otherVlanStartIP, otherVlanEndIP)) {
|
||||
throw new InvalidParameterValueException("The IP range already has IPs that overlap with the new range." +
|
||||
" Please specify a different start IP/end IP.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -3085,15 +3059,12 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
|||
}
|
||||
if (vlanId.equals(vlan.getVlanTag())) {
|
||||
if (NetUtils.isIp6RangeOverlap(ipv6Range, vlan.getIp6Range())) {
|
||||
throw new InvalidParameterValueException(
|
||||
"The IPv6 range with tag: "
|
||||
+ vlan.getVlanTag()
|
||||
+ " already has IPs that overlap with the new range. Please specify a different start IP/end IP.");
|
||||
throw new InvalidParameterValueException("The IPv6 range with tag: " + vlan.getVlanTag()
|
||||
+ " already has IPs that overlap with the new range. Please specify a different start IP/end IP.");
|
||||
}
|
||||
|
||||
if (!vlanIp6Gateway.equals(vlan.getIp6Gateway())) {
|
||||
throw new InvalidParameterValueException("The IP range with tag: " + vlan.getVlanTag()
|
||||
+ " has already been added with gateway " + vlan.getIp6Gateway()
|
||||
throw new InvalidParameterValueException("The IP range with tag: " + vlan.getVlanTag() + " has already been added with gateway " + vlan.getIp6Gateway()
|
||||
+ ". Please specify a different tag.");
|
||||
}
|
||||
}
|
||||
|
|
@ -4911,14 +4882,6 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
|||
}
|
||||
}
|
||||
|
||||
private boolean allowIpRangeOverlap(VlanVO vlan, boolean forVirtualNetwork, long networkId) {
|
||||
// FIXME - delete restriction for virtual network in the future
|
||||
if (vlan.getVlanType() == VlanType.DirectAttached && !forVirtualNetwork) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public ServiceOffering getServiceOffering(long serviceOfferingId) {
|
||||
|
|
|
|||
|
|
@ -1233,13 +1233,10 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService {
|
|||
}
|
||||
}
|
||||
|
||||
// Vlan is created in 2 cases - works in Advance zone only:
|
||||
// Vlan is created in 1 cases - works in Advance zone only:
|
||||
// 1) GuestType is Shared
|
||||
// 2) GuestType is Isolated, but SourceNat service is disabled
|
||||
boolean createVlan = (startIP != null && endIP != null && zone.getNetworkType() == NetworkType.Advanced
|
||||
&& ((ntwkOff.getGuestType() == Network.GuestType.Shared)
|
||||
|| (ntwkOff.getGuestType() == GuestType.Isolated &&
|
||||
!areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat))));
|
||||
&& (ntwkOff.getGuestType() == Network.GuestType.Shared));
|
||||
|
||||
if (!createVlan) {
|
||||
// Only support advance shared network in IPv6, which means createVlan is a must
|
||||
|
|
|
|||
Loading…
Reference in New Issue