NSX|V3+P: Validate static routes ip version

Change-Id: Ia7074ea986095f5e83f387d0e80d85a5ea899086
2019-10-24 10:00:26 +03:00 · 2019-10-24 10:00:26 +03:00 · 519415dcbe
parent bc92c6fa93
commit 519415dcbe
2 changed files with 27 additions and 0 deletions
--- a/vmware_nsx/plugins/common_v3/plugin.py
+++ b/vmware_nsx/plugins/common_v3/plugin.py
@ -1461,6 +1461,19 @@ class NsxPluginV3Base(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
                    LOG.error(error_message)
                    raise n_exc.InvalidInput(error_message=error_message)

+    def _validate_routes(self, context, router_id, routes):
+        super(NsxPluginV3Base, self)._validate_routes(
+            context, router_id, routes)
+        # routes with mixed ip versions are not allowed
+        for route in routes:
+            if route.get('destination') and route.get('nexthop'):
+                dest_ver = netaddr.IPNetwork(route['destination']).version
+                nexthop_ver = netaddr.IPAddress(route['nexthop']).version
+                if dest_ver != nexthop_ver:
+                    msg = _("Static route network CIDR and next hop IP "
+                            "addresses must be same address family.")
+                    raise n_exc.BadRequest(resource='router', msg=msg)
+
    def _get_static_routes_diff(self, context, router_id, gw_info,
                                router_data):
        new_routes = router_data['routes']
--- a/vmware_nsx/tests/unit/nsx_p/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_p/test_plugin.py
@ -1983,6 +1983,20 @@ class NsxPTestL3NatTestCase(NsxPTestL3NatTest,
                    r['router']['id'], n['network']['id'],
                    expected_code=exc.HTTPBadRequest.code)

+    def test_route_update_illegal_ip_ver(self):
+        routes = [{'destination': '21.0.0.0/24',
+                   'nexthop': 'fd00::d6c'}]
+        with self.router() as r:
+            with self.subnet(cidr='fd00::0/64', ip_version=6,
+                             enable_dhcp=False) as s:
+                fixed_ip_data = [{'ip_address': 'fd00::2'}]
+                with self.port(subnet=s, fixed_ips=fixed_ip_data) as p:
+                    self._router_interface_action(
+                        'add', r['router']['id'], None, p['port']['id'])
+                    self._update('routers', r['router']['id'],
+                                 {'router': {'routes': routes}},
+                                 expected_code=400)
+
    def test_router_update_on_external_port(self):
        with self.router() as r:
            with self._create_l3_ext_network() as ext_net,\