openstack
/
neutron
Code Issues Proposed changes
neutron/neutron
History
Brian Haley 0325b98c54 Set IPset hash type to 'net' instead of 'ip' 
The previous hash type was 'ip' and this caused a major
issue with the allowed address pairs extension since it
results in CIDRs being passed to ipset. When the hash type
is 'ip', a CIDR is completely enumerated into all of its
addresses so 10.100.0.0/16 results in ~65k entries. This
meant a single allowed_address_pairs entry could easily
exhaust an entire set.

This patch changes the hash type to 'net', which is designed
to handle a CIDRs as a single entry.

This patch also changes the names of the ipsets because
creating an ipset with different parameters will cause an
error and our ipset manager code isn't robust enough to handle
that at this time.

Related-Bug: #1439817
Related-Bug: #1444397
(based on commit a38b5df5cd)

Change-Id: I8177699b157cd3eac46e2f481f47b5d966c49b07
 		2015-05-08 11:00:20 +00:00
..
agent Set IPset hash type to 'net' instead of 'ip' 2015-05-08 11:00:20 +00:00
api attributes: Additional IP address validation 2015-03-05 20:59:54 +00:00
cmd Remove @author(s) from copyright statements 2014-09-15 21:40:09 +09:00
common Merge "Fix IPv6 Subnet Slaac Check" into stable/juno 2015-01-29 07:52:11 +00:00
db Return from check_ports_exist_on_l3agent if no subnet found 2015-04-09 16:10:33 -07:00
debug Merge "Clarify message when no probes are cleared" 2014-09-13 15:29:24 +00:00
extensions Convert all incoming protocol numbers to string 2014-11-25 10:56:32 -08:00
hacking Make sure we don't introduce oslo_* imports during backports 2015-02-11 13:51:40 +01:00
locale Imported Translations from Transifex 2014-10-08 03:39:47 +00:00
notifiers fix event_send for re-assign floating ip 2014-11-12 07:57:43 -08:00
openstack Fix spelling mistakes 2014-08-01 16:10:23 +00:00
plugins Merge "VMware NSX: Fix DVR operations" into stable/juno 2015-04-22 15:43:18 +00:00
scheduler Merge "Add a new scheduler for the l3 HA" 2014-09-13 13:06:47 +00:00
server Configure agents using neutron.common.config.init (formerly .parse) 2014-06-17 21:56:24 +02:00
services Remove @author(s) from copyright statements 2014-09-15 21:40:09 +09:00
tests Set IPset hash type to 'net' instead of 'ip' 2015-05-08 11:00:20 +00:00
__init__.py Remove the useless vim modelines 2014-06-21 15:07:31 +08:00
auth.py add auth token to context 2014-08-12 11:17:21 +09:00
context.py Fix context.elevated 2014-11-25 11:20:34 +08:00
hooks.py Remove the useless vim modelines 2014-06-21 15:07:31 +08:00
manager.py Moved rpc_compat.py code back into rpc.py 2014-06-24 10:35:39 +02:00
neutron_plugin_base_v2.py Throw exception instances instead of classes 2014-09-07 12:56:30 +04:00
policy.py Merge "Forbid regular users to reset admin-only attrs to default values" 2014-09-25 03:58:57 +00:00
quota.py Remove the useless vim modelines 2014-06-21 15:07:31 +08:00
service.py Use stop() method on MessageHandlingServer 2015-01-12 09:22:48 +00:00
version.py Remove the useless vim modelines 2014-06-21 15:07:31 +08:00
wsgi.py Eventlet green threads not released back to pool 2015-01-02 05:41:54 +00:00