New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net: why not check valid when parse CIDR #30834
Comments
Please make sure what's valid and what's invalid from what point of view. |
take there is a check way using bash: https://stackoverflow.com/questions/50084229/bash-check-if-cidr-address-is-valid. For some case, the invalidation make network not communicate. |
Oh, please don't forget Pv6 addresses.
It's the length of the address prefix, no more no less.
We usually think that "okay, the attached address is 10.97.0.0/32, the address prefix is 10.96.0.0/12; presumably, the subnet address is 10.96.0.0/32 and the directed broadcast address is 10.111.255.255/32; what a big subnet! which RIR (Regional Internet Registry) allocates this for which organization?" |
take k8s network as example: |
CIDR format as ip/mask, now ParseCIDR() only check the validation of ip part not mask, so if use invalid CIDR, in this range, must have many subnets can not communicate. |
Sounds like that is not an issue of ParseCIDR. If your issue is that ParseCIDR accepts a valid CIDR notation and the behavior is not what you want, changing the behavior of ParseCIDR for your application is not an ideal solution (moreover the change will break Kubernetes and Docker). Instead, you may use ParseCIDR more appropriately like https://play.golang.org/p/z3cYDbR21ws Closing. |
Change https://golang.org/cl/168860 mentions this issue: |
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
yes
What did you do?
I setup an invalid CIDR address by mistake in k8s CNI then all pods in different nodes can not communicate each other, then i find code never check a CIDR address is valid or not.
Based on example in https://golang.org/pkg/net/#ParseCIDR, test some invalid CIDR address like
10.97.0.0/12
,192.167.0.0/12
, all can work. They are invalid based on my knowledge, aren't they?What did you expect to see?
Check validation when parse.
The text was updated successfully, but these errors were encountered: