def test_ip_range_intersection(self): nm = NetworkManager() self.assertEqual(nm.is_range_in_cidr( IPRange('192.168.0.0', '192.168.255.255'), IPNetwork('192.168.1.0/24') ), True) self.assertEqual(nm.is_range_in_cidr( IPRange('164.174.47.1', '191.0.0.0'), IPNetwork('192.168.1.0/24') ), False) self.assertEqual(nm.is_range_in_cidr( IPRange('192.168.0.0', '192.168.255.255'), IPRange('164.174.47.1', '191.0.0.0') ), False) self.assertEqual(nm.is_range_in_cidr( IPNetwork('192.168.1.0/8'), IPNetwork('192.168.1.0/24') ), True) self.assertEqual(nm.is_range_intersection( IPRange('192.168.0.0', '192.168.255.255'), IPNetwork('192.168.1.0/24') ), True) self.assertEqual(nm.is_range_intersection( IPRange('164.174.47.1', '191.0.0.0'), IPNetwork('192.168.1.0/24') ), False) self.assertEqual(nm.is_range_intersection( IPRange('192.168.0.0', '192.168.255.255'), IPRange('164.174.47.1', '191.0.0.0') ), False) self.assertEqual(nm.is_range_intersection( IPNetwork('192.168.1.0/8'), IPNetwork('192.168.1.0/24') ), True) self.assertEqual(nm.is_range_intersection( IPRange('192.168.0.0', '192.168.130.255'), IPRange('192.168.128.0', '192.168.255.255'), ), True) self.assertEqual(nm.is_cidr_intersection( IPNetwork('192.168.0.0/20'), IPNetwork('192.168.1.0/24') ), True) self.assertEqual(nm.is_cidr_intersection( IPNetwork('164.164.0.0/14'), IPNetwork('192.168.1.0/24') ), False) self.assertEqual(nm.is_cidr_intersection( IPNetwork('164.174.47.0/25'), IPNetwork('164.174.47.128/25') ), False) self.assertEqual(nm.is_cidr_intersection( IPNetwork('192.168.1.0/8'), IPNetwork('192.168.1.0/24') ), True)
def test_ip_range_intersection(self): nm = NetworkManager() self.assertEqual( nm.is_range_in_cidr(IPRange('192.168.0.0', '192.168.255.255'), IPNetwork('192.168.1.0/24')), True) self.assertEqual( nm.is_range_in_cidr(IPRange('164.174.47.1', '191.0.0.0'), IPNetwork('192.168.1.0/24')), False) self.assertEqual( nm.is_range_in_cidr(IPRange('192.168.0.0', '192.168.255.255'), IPRange('164.174.47.1', '191.0.0.0')), False) self.assertEqual( nm.is_range_in_cidr(IPNetwork('192.168.1.0/8'), IPNetwork('192.168.1.0/24')), True) self.assertEqual( nm.is_range_intersection(IPRange('192.168.0.0', '192.168.255.255'), IPNetwork('192.168.1.0/24')), True) self.assertEqual( nm.is_range_intersection(IPRange('164.174.47.1', '191.0.0.0'), IPNetwork('192.168.1.0/24')), False) self.assertEqual( nm.is_range_intersection(IPRange('192.168.0.0', '192.168.255.255'), IPRange('164.174.47.1', '191.0.0.0')), False) self.assertEqual( nm.is_range_intersection(IPNetwork('192.168.1.0/8'), IPNetwork('192.168.1.0/24')), True) self.assertEqual( nm.is_range_intersection( IPRange('192.168.0.0', '192.168.130.255'), IPRange('192.168.128.0', '192.168.255.255'), ), True) self.assertEqual( nm.is_cidr_intersection(IPNetwork('192.168.0.0/20'), IPNetwork('192.168.1.0/24')), True) self.assertEqual( nm.is_cidr_intersection(IPNetwork('164.164.0.0/14'), IPNetwork('192.168.1.0/24')), False) self.assertEqual( nm.is_cidr_intersection(IPNetwork('164.174.47.0/25'), IPNetwork('164.174.47.128/25')), False) self.assertEqual( nm.is_cidr_intersection(IPNetwork('192.168.1.0/8'), IPNetwork('192.168.1.0/24')), True)
def nova_net_check(cls, task, data, check_admin_untagged): # If not set in data then fetch from db if 'net_manager' in data: netmanager = data['net_manager'] else: netmanager = task.cluster.net_manager if 'networks' in data: networks = data['networks'] else: networks = map(lambda x: x.__dict__, task.cluster.network_groups) result = [] err_msgs = [] # checking if there are untagged # networks on the same interface # (main) as admin network if check_admin_untagged: untagged_nets = set( n["id"] for n in filter( lambda n: (n["vlan_start"] is None), networks)) if untagged_nets: logger.info( "Untagged networks found, " "checking admin network intersection...") admin_interfaces = map(lambda node: node.admin_interface, task.cluster.nodes) found_intersection = [] for iface in admin_interfaces: nets = dict( (n.id, n.name) for n in iface.assigned_networks) err_nets = set(nets.keys()) & untagged_nets if err_nets: err_net_names = [ '"{0}"'.format(nets[i]) for i in err_nets] found_intersection.append( [iface.node.name, err_net_names]) if found_intersection: nodes_with_errors = [ u'Node "{0}": {1}'.format( name, ", ".join(_networks) ) for name, _networks in found_intersection] err_msg = u"Some untagged networks are " \ "assigned to the same physical interface as " \ "admin (PXE) network. You can whether turn " \ "on tagging for these OpenStack " \ "networks or move them to another physical " \ "interface:\n{0}".format("\n".join( nodes_with_errors)) raise errors.NetworkCheckError(err_msg, add_client=False) net_man = NetworkManager() admin_ng = net_man.get_admin_network_group() admin_range = netaddr.IPNetwork(admin_ng.cidr) for ng in networks: net_errors = [] sub_ranges = [] ng_db = db().query(NetworkGroup).get(ng['id']) if not ng_db: net_errors.append("id") err_msgs.append(u"Invalid network ID: {0}".format(ng['id'])) else: if ng.get('cidr'): fnet = netaddr.IPNetwork(ng['cidr']) if net_man.is_range_intersection(fnet, admin_range): net_errors.append("cidr") err_msgs.append( u"Intersection with admin " "network(s) '{0}' found".format( admin_ng.cidr ) ) if fnet.size < ng['network_size'] * ng['amount']: net_errors.append("cidr") err_msgs.append( u"CIDR size for network '{0}' " "is less than required".format( ng.get('name') or ng_db.name or ng_db.id ) ) # Check for intersection with Admin network if 'ip_ranges' in ng: for k, v in enumerate(ng['ip_ranges']): ip_range = netaddr.IPRange(v[0], v[1]) if net_man.is_range_intersection(admin_range, ip_range): net_errors.append("cidr") err_msgs.append( u"IP range {0} - {1} in {2} network intersects" " with admin range of {3}".format( v[0], v[1], ng.get('name') or ng_db.name or ng_db.id, admin_ng.cidr ) ) sub_ranges.append(k) if ng.get('amount') > 1 and netmanager == 'FlatDHCPManager': net_errors.append("amount") err_msgs.append( u"Network amount for '{0}' is more than 1 " "while using FlatDHCP manager.".format( ng.get('name') or ng_db.name or ng_db.id ) ) if net_errors: result.append({ "id": int(ng["id"]), "range_errors": sub_ranges, "errors": net_errors }) if err_msgs: task.result = result db().add(task) db().commit() full_err_msg = "\n".join(err_msgs) raise errors.NetworkCheckError(full_err_msg, add_client=False)