[lxc-devel] [lxc-ci/master] bin/test-lxd-ovn: Adds external subnets and routes overlap checks

tomponline on Github lxc-bot at linuxcontainers.org
Thu Oct 29 13:43:29 UTC 2020 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 414 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20201029/13a85d2b/attachment.bin>
-------------- next part --------------
From 02bceb0499651a10c9add213a12e4255a2e746f9 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Thu, 29 Oct 2020 13:42:37 +0000
Subject: [PATCH] bin/test-lxd-ovn: Adds external subnets and routes overlap
 checks

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 bin/test-lxd-ovn | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/bin/test-lxd-ovn b/bin/test-lxd-ovn
index a2844cd..f011144 100755
--- a/bin/test-lxd-ovn
+++ b/bin/test-lxd-ovn
@@ -151,6 +151,13 @@ lxc network create ovn-virtual-network --type=ovn --project testovn network=dumm
     ipv4.nat=false \
     ipv6.nat=false
 
+# Check network external subnet overlap.
+! lxc network create ovn-virtual-network2 --type=ovn --project default network=dummy \
+    ipv4.address=198.51.100.1/26 \
+    ipv6.address=2001:db8:1:2::1/122 \
+    ipv4.nat=false \
+    ipv6.nat=false || false
+
 lxc init images:ubuntu/20.04 u1 --project testovn
 lxc config device add u1 eth0 nic network=ovn-virtual-network name=eth0 --project testovn
 lxc start u1 --project testovn
@@ -170,10 +177,20 @@ lxc network set ovn-virtual-network --project testovn \
     ipv4.nat=true \
     ipv6.nat=true
 
+# Check external routes are ensured to be within uplink's external routes.
 ! lxc config device set u1 eth0 ipv4.routes.external=198.51.100.0/24 --project testovn || false
 ! lxc config device set u1 eth0 ipv6.routes.external=2001:db8:1:2::/64 --project testovn || false
 lxc config device set u1 eth0 ipv4.routes.external=198.51.100.0/26 --project testovn
 lxc config device set u1 eth0 ipv6.routes.external=2001:db8:1:2::/122 --project testovn
+
+# Check NIC external route overlap detection.
+lxc init images:ubuntu/20.04 u2 --project testovn
+lxc config device add u2 eth0 nic network=ovn-virtual-network name=eth0 --project testovn
+! lxc config device set u2 eth0 ipv4.routes.external=198.51.100.1/32 --project testovn || false
+! lxc config device set u2 eth0 ipv6.routes.external=2001:db8:1:2::1/128 --project testovn || false
+lxc delete -f u2 --project testovn
+
+# Check DNAT rules get added when starting instance port with external routes.
 lxc start u1 --project testovn
 ovn-nbctl --bare --format=csv --column=external_ip,logical_ip,type find nat
 ovn-nbctl --bare --format=csv --column=external_ip,logical_ip,type find nat | grep "198.51.100.0,198.51.100.0,dnat_and_snat"

More information about the lxc-devel mailing list