<html><body>
<p><font size="2" face="sans-serif">Possibly, though I don't see code that checks the actual CIDR length. It seems to check CIDR correctness via IP correctness. ie, things like the ending IP not being smaller than the starting IP, etc.</font><br>
<br>
<font size="2" face="sans-serif">One change to my original message on what the fix is, we'd have to compare subnet_first_ip and subnet_last_ip... not start_ip and end_ip as those are from the pool passed in, not the actual first and last IPs in the subnet.</font><br>
<br>
<font size="2" face="sans-serif">In the launchpad bug report, it was mentioned you can create a subnet without a gateway. I would still contend this is invalid because then you have a VM on a single-IP subnet without a gateway, which is also a dead end.</font><br>
<br>
<font size="2" face="sans-serif">Thoughts?<br>
<br>
</font><br>
<br>
<tt><font size="2">Edgar Magana <emagana@plumgrid.com> wrote on 01/21/2014 03:04:47 PM:<br>
<br>
> From: Edgar Magana <emagana@plumgrid.com></font></tt><br>
<tt><font size="2">> To: OpenStack List <openstack-dev@lists.openstack.org>, </font></tt><br>
<tt><font size="2">> Date: 01/21/2014 03:10 PM</font></tt><br>
<tt><font size="2">> Subject: Re: [openstack-dev] [neutron] Neutron should disallow /32 CIDR</font></tt><br>
<tt><font size="2">> <br>
> Wouldn't be easier just to check if:</font></tt><br>
<tt><font size="2">> <br>
> cidr is 32?</font></tt><br>
<tt><font size="2">> <br>
> I believe it is a good idea to not allow /32 network but this is <br>
> just my opinion</font></tt><br>
<tt><font size="2">> <br>
> Edgar</font></tt><br>
<tt><font size="2">> <br>
> From: Paul Ward <wpward@us.ibm.com><br>
> Reply-To: OpenStack List <openstack-dev@lists.openstack.org><br>
> Date: Tuesday, January 21, 2014 12:35 PM<br>
> To: OpenStack List <openstack-dev@lists.openstack.org><br>
> Subject: [openstack-dev] [neutron] Neutron should disallow /32 CIDR</font></tt><br>
<tt><font size="2">> <br>
> Currently, NeutronDbPluginV2._validate_allocation_pools() does some <br>
> very basic checking to be sure the specified subnet is valid. One <br>
> thing that's missing is checking for a CIDR of /32. A subnet with <br>
> one IP address in it is unusable as the sole IP address will be <br>
> allocated to the gateway, and thus no IPs are left over to be <br>
> allocated to VMs.<br>
> <br>
> The fix for this is simple. In <br>
> NeutronDbPluginV2._validate_allocation_pools(), we'd check for <br>
> start_ip == end_ip and raise an exception if that's true.<br>
> <br>
> I've opened lauchpad bug report 1271311 (<a href="https://bugs.launchpad.net/">https://bugs.launchpad.net/</a><br>
> neutron/+bug/1271311) for this, but wanted to start a discussion <br>
> here to see if others find this enhancement to be a valuable addition.</font></tt><br>
<tt><font size="2">> _______________________________________________ OpenStack-dev mailing list <br>
> OpenStack-dev@lists.openstack.org <a href="http://lists.openstack.org/cgi-">http://lists.openstack.org/cgi-</a><br>
> bin/mailman/listinfo/openstack-dev <br>
> _______________________________________________<br>
> OpenStack-dev mailing list<br>
> OpenStack-dev@lists.openstack.org<br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</font></tt></body></html>