Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dhcpv6-server: T3493: adds prefix range validation and fixes typos in… #3499

Merged
merged 1 commit into from
May 22, 2024
Merged

dhcpv6-server: T3493: adds prefix range validation and fixes typos in… #3499

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 26 additions & 6 deletions src/conf_mode/service_dhcpv6-server.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,21 +85,21 @@ def verify(dhcpv6):

# Stop address must be greater or equal to start address
if not ip_address(stop) >= ip_address(start):
raise ConfigError(f'address-range stop address "{stop}" must be greater then or equal ' \
raise ConfigError(f'address-range stop address "{stop}" must be greater than or equal ' \
f'to the range start address "{start}"!')

# DHCPv6 range start address must be unique - two ranges can't
# start with the same address - makes no sense
if start in range6_start:
raise ConfigError(f'Conflicting DHCPv6 lease range: '\
f'Pool start address "{start}" defined multipe times!')
f'Pool start address "{start}" defined multiple times!')
range6_start.append(start)

# DHCPv6 range stop address must be unique - two ranges can't
# end with the same address - makes no sense
if stop in range6_stop:
raise ConfigError(f'Conflicting DHCPv6 lease range: '\
f'Pool stop address "{stop}" defined multipe times!')
f'Pool stop address "{stop}" defined multiple times!')
range6_stop.append(stop)

if 'prefix' in subnet_config:
Expand All @@ -113,12 +113,32 @@ def verify(dhcpv6):
raise ConfigError('prefix-delegation start address not defined!')

for prefix, prefix_config in subnet_config['prefix_delegation']['start'].items():
prefix_start_addr = prefix

# Prefix start address must be inside network
if not ip_address(prefix_start_addr) in ip_network(subnet):
raise ConfigError(f'Prefix delegation start address '\
f'"{prefix_start_addr}" is not in '\
f'subnet "{subnet}"')

if 'stop' not in prefix_config:
raise ConfigError(f'Stop address of delegated IPv6 prefix range "{prefix}" '\
raise ConfigError(f'Stop address of delegated IPv6 '\
f'prefix range "{prefix}" '\
f'must be configured')

if 'stop' in prefix_config:
prefix_stop_addr = prefix_config['stop']

# Prefix stop address must be inside network
if not (ip_address(prefix_stop_addr) in
ip_network(subnet)):
raise ConfigError(f'Prefix delegation stop '\
f'address "{prefix_stop_addr}" '\
f'is not in subnet "{subnet}"')

if 'prefix_length' not in prefix_config:
raise ConfigError('Length of delegated IPv6 prefix must be configured')
raise ConfigError(f'Length of delegated IPv6 prefix '\
f'must be configured')

# Static mappings don't require anything (but check if IP is in subnet if it's set)
if 'static_mapping' in subnet_config:
Expand All @@ -130,7 +150,7 @@ def verify(dhcpv6):

if 'vendor_option' in subnet_config:
if len(dict_search('vendor_option.cisco.tftp_server', subnet_config)) > 2:
raise ConfigError(f'No more then two Cisco tftp-servers should be defined for subnet "{subnet}"!')
raise ConfigError(f'No more than two Cisco tftp-servers should be defined for subnet "{subnet}"!')

# Subnets must be unique
if subnet in subnets:
Expand Down
Loading