Bug 1898613 - Whereabouts should exclude IPv6 ranges
Summary: Whereabouts should exclude IPv6 ranges
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.6
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.7.0
Assignee: Douglas Smith
QA Contact: Weibin Liang
URL:
Whiteboard:
: 1898670 (view as bug list)
Depends On:
Blocks: 1898616 1898618 1898672 1898675 1913062
TreeView+ depends on / blocked
 
Reported: 2020-11-17 16:25 UTC by Douglas Smith
Modified: 2021-05-17 07:08 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Whereabouts did not properly convert ranges to IPv6 Consequence: IPv6 excluded ranges were not honored. Fix: Convert ranges to IPv6 Result: Now honored IPv6 excluded ranges.
Clone Of:
: 1898616 1913062 (view as bug list)
Environment:
Last Closed: 2021-02-24 15:34:16 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:34:53 UTC

Description Douglas Smith 2020-11-17 16:25:04 UTC
Description of problem: Whereabouts doesn't exclude IPv6 ranges, see: https://github.com/dougbtv/whereabouts/issues/71

How reproducible: Always


Steps to Reproduce:

Use a range like:
```
  "ipam": {
   "type": "whereabouts",
   "range": "caa5::0/112",
   "exclude": ["caa5::0/113"]
  }
```


Actual results: IP addresses are `caa5::1, caa5::2, etc...`


Expected results: First address should be `caa5::8000`


Additional info: Upstream PR @ https://github.com/dougbtv/whereabouts/pull/74 master PR @ https://github.com/openshift/whereabouts-cni/pull/36

Comment 1 Douglas Smith 2020-11-17 16:26:28 UTC
This has been modified and merged into master @ https://github.com/openshift/whereabouts-cni/pull/36, thanks Weibin for taking a look.

Comment 2 Weibin Liang 2020-11-18 19:11:03 UTC
Test results show the first address is caa5::8001, not caa5::8000


[weliang@weliang tools]$ oc exec whereabouts-podv6-5 -- ip a | grep caa5
    inet6 caa5::8005/112 scope global 
[weliang@weliang tools]$ oc exec whereabouts-podv6-4 -- ip a | grep caa5
    inet6 caa5::8003/112 scope global 
[weliang@weliang tools]$ oc exec whereabouts-podv6-3 -- ip a | grep caa5
    inet6 caa5::8004/112 scope global 
[weliang@weliang tools]$ oc exec whereabouts-podv6-2 -- ip a | grep caa5
    inet6 caa5::8001/112 scope global 
[weliang@weliang tools]$ oc exec whereabouts-podv6-1 -- ip a | grep caa5
    inet6 caa5::8002/112 scope global 
[weliang@weliang tools]$ oc get pod
NAME                  READY   STATUS    RESTARTS   AGE
whereabouts-podv6-1   1/1     Running   0          2m41s
whereabouts-podv6-2   1/1     Running   0          2m40s
whereabouts-podv6-3   1/1     Running   0          2m39s
whereabouts-podv6-4   1/1     Running   0          2m39s
whereabouts-podv6-5   1/1     Running   0          2m38s
[weliang@weliang tools]$

Comment 3 Douglas Smith 2020-12-02 22:30:16 UTC
Ah ha! Good catch, thanks Weibin :) Turns out Whereabouts was trying to omit the broadcast address, for an IPv6 address, and.... broadcast is not a thing in IPv6!

I've got an upstream PR @ https://github.com/dougbtv/whereabouts/pull/77

Comment 5 Weibin Liang 2021-01-05 19:54:16 UTC
Tested and verified in 4.7.0-0.nightly-2021-01-05-055003

Comment 6 Douglas Smith 2021-01-08 17:16:32 UTC
*** Bug 1898670 has been marked as a duplicate of this bug. ***

Comment 9 errata-xmlrpc 2021-02-24 15:34:16 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633


Note You need to log in before you can comment on or make changes to this bug.