Public bug reported: I have the following configuration entry in /etc/neutron/plugins/ml2/ml2_conf.ini:
[ml2_type_vlan] network_vlan_ranges = default:1:4093 However, creating a new network with a segmentation_id of 4094 is NOT prevented. In looking at type_vlan.py (https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/type_vlan.py), I see validate_provider_segment() does no enforcement of the vlan ranges specified in network_vlan_ranges. It does validate that the physical network name is defined, that the segmentation_id specified is in the entire list of valid vlans, but it doesn't check against the actual range defined in ml2_conf.ini. I propose a fix of simply checking the network segment's segmentation_id against the network_vlan_ranges defined range, which has been populated into the self.network_vlan_ranges dictionary in TypeVlanDriver. If the segmentation_id is out of the range, then raise an InvalidInput exception as is already done for other violations. ** Affects: neutron Importance: Undecided Assignee: Paul Ward (wpward) Status: New ** Changed in: neutron Assignee: (unassigned) => Paul Ward (wpward) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1269926 Title: ML2 vlan type driver does not honor network_vlan_ranges Status in OpenStack Neutron (virtual network service): New Bug description: I have the following configuration entry in /etc/neutron/plugins/ml2/ml2_conf.ini: [ml2_type_vlan] network_vlan_ranges = default:1:4093 However, creating a new network with a segmentation_id of 4094 is NOT prevented. In looking at type_vlan.py (https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/type_vlan.py), I see validate_provider_segment() does no enforcement of the vlan ranges specified in network_vlan_ranges. It does validate that the physical network name is defined, that the segmentation_id specified is in the entire list of valid vlans, but it doesn't check against the actual range defined in ml2_conf.ini. I propose a fix of simply checking the network segment's segmentation_id against the network_vlan_ranges defined range, which has been populated into the self.network_vlan_ranges dictionary in TypeVlanDriver. If the segmentation_id is out of the range, then raise an InvalidInput exception as is already done for other violations. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1269926/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
