def _get_instance_and_tenant_id_helper(self, headers, list_ports_retval, networks=None, router_id=None, remote_address='192.168.1.1'): headers['X-Forwarded-For'] = remote_address req = mock.Mock(headers=headers) def mock_get_ports(*args, **kwargs): return list_ports_retval.pop(0) self.handler.plugin_rpc.get_ports.side_effect = mock_get_ports instance_id, tenant_id = self.handler._get_instance_and_tenant_id(req) expected = [] if networks and router_id: return (instance_id, tenant_id) if router_id: expected.append( mock.call( mock.ANY, {'device_id': [router_id], 'device_owner': n_const.ROUTER_INTERFACE_OWNERS} ) ) remote_ip = netaddr.IPAddress(remote_address) if remote_ip.is_link_local(): expected.append( mock.call( mock.ANY, {'network_id': networks, 'mac_address': [netutils.get_mac_addr_by_ipv6(remote_ip)]} ) ) else: expected.append( mock.call( mock.ANY, {'network_id': networks, 'fixed_ips': {'ip_address': ['192.168.1.1']}} ) ) self.handler.plugin_rpc.get_ports.assert_has_calls(expected) return (instance_id, tenant_id)
def _get_instance_and_tenant_id(self, req, skip_cache=False): forwarded_for = req.headers.get('X-Forwarded-For') network_id = req.headers.get('X-Neutron-Network-ID') router_id = req.headers.get('X-Neutron-Router-ID') # Only one should be given, drop since it could be spoofed if network_id and router_id: LOG.debug("Both network and router IDs were specified in proxy " "request, but only a single one of the two is allowed, " "dropping") return None, None remote_mac = None remote_ip = netaddr.IPAddress(forwarded_for) if remote_ip.version == constants.IP_VERSION_6: if remote_ip.is_ipv4_mapped(): # When haproxy listens on v4 AND v6 then it inserts ipv4 # addresses as ipv4-mapped v6 addresses into X-Forwarded-For. forwarded_for = str(remote_ip.ipv4()) if remote_ip.is_link_local(): # When haproxy sees an ipv6 link-local client address # (and sends that to us in X-Forwarded-For) we must rely # on the EUI encoded in it, because that's all we can # recognize. remote_mac = str(netutils.get_mac_addr_by_ipv6(remote_ip)) ports = self._get_ports(forwarded_for, network_id, router_id, skip_cache=skip_cache, remote_mac=remote_mac) LOG.debug( "Gotten ports for remote_address %(remote_address)s, " "network_id %(network_id)s, router_id %(router_id)s are: " "%(ports)s", { "remote_address": forwarded_for, "network_id": network_id, "router_id": router_id, "ports": ports }) if len(ports) == 1: return ports[0]['device_id'], ports[0]['tenant_id'] return None, None
def test_universal(self): self.assertEqual( netaddr.EUI('00:00:00:00:00:00'), netutils.get_mac_addr_by_ipv6( netaddr.IPAddress('fe80::200:ff:fe00:0')), )
def test_random_qemu_mac(self): self.assertEqual( netaddr.EUI('52:54:00:42:02:19'), netutils.get_mac_addr_by_ipv6( netaddr.IPAddress('fe80::5054:ff:fe42:219')), )
def test_reverse_generate_IPv6_by_EUI64(self): self.assertEqual( netaddr.EUI('00:16:3e:33:44:55'), netutils.get_mac_addr_by_ipv6( netaddr.IPAddress('2001:db8::216:3eff:fe33:4455')), )