Check network mask when init subnet

Signed-off-by: zhuanlan <[email protected]>
kubeovn · Sep 9, 2024 · 1944faa · 1944faa
1 parent 3653e74
commit 1944faa
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 4 deletions.
diff --git a/pkg/controller/init.go b/pkg/controller/init.go
@@ -301,6 +301,9 @@ func (c *Controller) InitIPAM() error {
 	subnetProviderMaps := make(map[string]string, len(subnets))
 	for _, subnet := range subnets {
 		subnetProviderMaps[subnet.Name] = subnet.Spec.Provider
+
+		klog.Infof("Init subnet %s", subnet.Name)
+
 		if err := c.ipam.AddOrUpdateSubnet(subnet.Name, subnet.Spec.CIDRBlock, subnet.Spec.Gateway, subnet.Spec.ExcludeIps); err != nil {
 			klog.Errorf("failed to init subnet %s: %v", subnet.Name, err)
 		}

diff --git a/pkg/ipam/ip_range_list.go b/pkg/ipam/ip_range_list.go
@@ -15,7 +15,7 @@ type IPRangeList struct {
 }
 
 func NewEmptyIPRangeList() *IPRangeList {
-	return &IPRangeList{}
+	return &IPRangeList{make([]*IPRange, 0)}
 }
 
 func NewIPRangeList(ips ...IP) (*IPRangeList, error) {
@@ -31,7 +31,7 @@ func NewIPRangeList(ips ...IP) (*IPRangeList, error) {
 }
 
 func NewIPRangeListFrom(x ...string) (*IPRangeList, error) {
-	ret := &IPRangeList{}
+	ret := &IPRangeList{make([]*IPRange, 0)}
 	for _, s := range x {
 		var r *IPRange
 

diff --git a/pkg/util/net.go b/pkg/util/net.go
@@ -712,3 +712,25 @@ func InvalidCIDR(s string) error {
 	}
 	return nil
 }
+
+func InvalidNetworkMask(network *net.IPNet) error {
+	mask := net.IP(network.Mask).String()
+	fmt.Printf(" %s mask is invalid", mask)
+	ip := network.IP
+	if ip.To4() != nil {
+		if mask == "255.255.255.255" {
+			err := errors.New("invalid ipv4 mask 32")
+			klog.Error(err)
+			return err
+		}
+	}
+	if ip.To16() != nil {
+		if mask == "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" {
+			err := errors.New("invalid ipv6 mask 128")
+			klog.Error(err)
+			return err
+		}
+	}
+
+	return nil
+}
diff --git a/pkg/util/validator.go b/pkg/util/validator.go
@@ -78,8 +78,15 @@ func ValidateSubnet(subnet kubeovnv1.Subnet) error {
 			klog.Errorf("invalid subnet %s cidr %s, %s", subnet.Name, cidr, err)
 			return err
 		}
-		if _, _, err := net.ParseCIDR(cidr); err != nil {
-			return fmt.Errorf("subnet %s cidr %s is invalid", subnet.Name, cidr)
+		var network *net.IPNet
+		_, network, err := net.ParseCIDR(cidr)
+		if err != nil {
+			return fmt.Errorf("subnet %s cidr %s is invalid, due to %w", subnet.Name, cidr, err)
+		}
+		// check network mask is 32 in ipv4 or 128 in ipv6
+		err = InvalidNetworkMask(network)
+		if err != nil {
+			return fmt.Errorf("subnet %s cidr %s mask is invalid, due to %w", subnet.Name, cidr, err)
 		}
 	}