Merge "[DVR] Set arp entries only for single IPs given as allowed addr pair" into stable/train

neutron/agent/l3/dvr_local_router.py

@@ -354,10 +354,16 @@ class DvrLocalRouter(dvr_router_base.DvrRouterBase):
                                            subnet_id,
                                            'add')
                 for allowed_address_pair in p.get('allowed_address_pairs', []):
-                    self._update_arp_entry(allowed_address_pair['ip_address'],
-                                           allowed_address_pair['mac_address'],
-                                           subnet_id,
-                                           'add')
+                    if ('/' not in str(allowed_address_pair['ip_address']) or
+                            common_utils.is_cidr_host(
+                                allowed_address_pair['ip_address'])):
+                        ip_address = common_utils.cidr_to_ip(
+                            allowed_address_pair['ip_address'])
+                        self._update_arp_entry(
+                            ip_address,
+                            allowed_address_pair['mac_address'],
+                            subnet_id,
+                            'add')
 
         # subnet_ports does not have snat port if the port is still unbound
         # by the time this function is called. So ensure to add arp entry

neutron/tests/functional/agent/l3/test_dvr_router.py

@@ -1038,13 +1038,18 @@ class TestDvrRouter(DvrRouterTestFramework, framework.L3AgentTestFramework):
         # cache is properly populated.
         self.agent.conf.agent_mode = 'dvr_snat'
         router_info = self.generate_dvr_router_info(enable_snat=True)
-        expected_neighbors = ['35.4.1.10', '10.0.0.10']
+        expected_neighbors = ['35.4.1.10', '10.0.0.10', '10.200.0.3']
+        allowed_address_net = netaddr.IPNetwork('10.100.0.0/30')
         port_data = {
             'fixed_ips': [{'ip_address': expected_neighbors[0]}],
             'mac_address': 'fa:3e:aa:bb:cc:dd',
             'device_owner': DEVICE_OWNER_COMPUTE,
             'allowed_address_pairs': [
                 {'ip_address': expected_neighbors[1],
+                 'mac_address': 'fa:3e:aa:bb:cc:dd'},
+                {'ip_address': '10.200.0.3/32',
+                 'mac_address': 'fa:3e:aa:bb:cc:dd'},
+                {'ip_address': str(allowed_address_net),
                  'mac_address': 'fa:3e:aa:bb:cc:dd'}]
         }
         self.agent.plugin_rpc.get_ports_by_subnet.return_value = [port_data]
@@ -1052,11 +1057,18 @@ class TestDvrRouter(DvrRouterTestFramework, framework.L3AgentTestFramework):
         internal_device = router1.get_internal_device_name(
             router_info['_interfaces'][0]['id'])
         for expected_neighbor in expected_neighbors:
-            neighbor = ip_lib.dump_neigh_entries(4, internal_device,
-                                                 router1.ns_name,
-                                                 dst=expected_neighbor)
+            neighbor = ip_lib.dump_neigh_entries(
+                lib_constants.IP_VERSION_4, internal_device,
+                router1.ns_name,
+                dst=expected_neighbor)
             self.assertNotEqual([], neighbor)
             self.assertEqual(expected_neighbor, neighbor[0]['dst'])
+        for not_expected_neighbor in allowed_address_net:
+            neighbor = ip_lib.dump_neigh_entries(
+                lib_constants.IP_VERSION_4, internal_device,
+                router1.ns_name,
+                dst=str(not_expected_neighbor))
+            self.assertEqual([], neighbor)
 
     def _assert_rfp_fpr_mtu(self, router, expected_mtu=1500, enable_gw=True):
         if not enable_gw: