Subnets with prefix length 0 are invalid

This patch changes the API behaviour to return a 400 error when a subnet with /0 prefix length is specified. This kind of subnet hardly make any sense, and also cannot possibly work when DHCP is enabled. Change-Id: I8f822f14b91475dcf86ea44ee607013e61cbb6f7 Closes-Bug: #1362651
2014-08-28 14:54:18 -07:00 · 2014-08-28 14:54:18 -07:00 · f2aa93767e
parent fed5dcf5ee
commit f2aa93767e
2 changed files with 21 additions and 0 deletions
--- a/neutron/db/db_base_plugin_v2.py
+++ b/neutron/db/db_base_plugin_v2.py
@ -564,6 +564,16 @@ class NeutronDbPluginV2(neutron_plugin_base_v2.NeutronPluginBaseV2,
        CIDR if overlapping IPs are disabled.
        """
        new_subnet_ipset = netaddr.IPSet([new_subnet_cidr])
+        # Disallow subnets with prefix length 0 as they will lead to
+        # dnsmasq failures (see bug 1362651).
+        # This is not a discrimination against /0 subnets.
+        # A /0 subnet is conceptually possible but hardly a practical
+        # scenario for neutron's use cases.
+        for cidr in new_subnet_ipset.iter_cidrs():
+            if cidr.prefixlen == 0:
+                err_msg = _("0 is not allowed as CIDR prefix length")
+                raise n_exc.InvalidInput(error_message=err_msg)
+
        if cfg.CONF.allow_overlapping_ips:
            subnet_list = network.subnets
        else:
--- a/neutron/tests/unit/test_db_plugin.py
+++ b/neutron/tests/unit/test_db_plugin.py
@ -2357,6 +2357,17 @@ class TestSubnetsV2(NeutronDbPluginV2TestCase):
            res = subnet_req.get_response(self.api)
            self.assertEqual(res.status_int, webob.exc.HTTPClientError.code)

+    def test_create_subnet_bad_V4_cidr_prefix_len(self):
+        with self.network() as network:
+            data = {'subnet': {'network_id': network['network']['id'],
+                    'cidr': '0.0.0.0/0',
+                    'ip_version': '4',
+                    'tenant_id': network['network']['tenant_id'],
+                    'gateway_ip': '0.0.0.1'}}
+            subnet_req = self.new_create_request('subnets', data)
+            res = subnet_req.get_response(self.api)
+            self.assertEqual(res.status_int, webob.exc.HTTPClientError.code)
+
    def test_create_subnet_bad_V6_cidr(self):
        with self.network() as network:
            data = {'subnet': {'network_id': network['network']['id'],