From cc4ce81ece57faca8ce111b8f3748389ecb40202 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Fri, 29 Dec 2023 13:29:02 +0100 Subject: vyos.template: T5869: first_host_address() does not honor RFC4291 section 2.6.1 The subnet router anycast address is predefined. Its format is as follows: | n bits | 128-n bits | +------------------------------------------------+----------------+ | subnet prefix | 00000000000000 | +------------------------------------------------+----------------+ The "subnet prefix" in an anycast address is the prefix that identifies a specific link. This anycast address is syntactically the same as a unicast address for an interface on the link with the interface identifier set to zero. Packets sent to the Subnet-Router anycast address will be delivered to one router on the subnet. All routers are required to support the Subnet-Router anycast addresses for the subnets to which they have interfaces. The Subnet-Router anycast address is intended to be used for applications where a node needs to communicate with any one of the set of routers. Our code as of now returns the subnet router anycast address as the first_host_address(). --- python/vyos/template.py | 11 +++-------- src/tests/test_template.py | 13 ++++++++----- 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/python/vyos/template.py b/python/vyos/template.py index 77b6a5ab0..29ea0889b 100644 --- a/python/vyos/template.py +++ b/python/vyos/template.py @@ -316,20 +316,15 @@ def is_ipv6(text): except: return False @register_filter('first_host_address') -def first_host_address(text): +def first_host_address(prefix): """ Return first usable (host) IP address from given prefix. Example: - 10.0.0.0/24 -> 10.0.0.1 - 2001:db8::/64 -> 2001:db8:: """ from ipaddress import ip_interface - from ipaddress import IPv4Network - from ipaddress import IPv6Network - - addr = ip_interface(text) - if addr.version == 4: - return str(addr.ip +1) - return str(addr.ip) + tmp = ip_interface(prefix).network + return str(tmp.network_address +1) @register_filter('last_host_address') def last_host_address(text): diff --git a/src/tests/test_template.py b/src/tests/test_template.py index 2d065f545..cff977283 100644 --- a/src/tests/test_template.py +++ b/src/tests/test_template.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2020 VyOS maintainers and contributors +# Copyright (C) 2020-2023 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -81,9 +81,13 @@ class TestVyOSTemplate(TestCase): self.assertEqual(vyos.template.netmask_from_cidr('2001:db8:1:/64'), 'ffff:ffff:ffff:ffff::') def test_first_host_address(self): - self.assertEqual(vyos.template.first_host_address('10.0.0.0/24'), '10.0.0.1') - self.assertEqual(vyos.template.first_host_address('10.0.0.128/25'), '10.0.0.129') - self.assertEqual(vyos.template.first_host_address('2001:db8::/64'), '2001:db8::') + self.assertEqual(vyos.template.first_host_address('10.0.0.0/24'), '10.0.0.1') + self.assertEqual(vyos.template.first_host_address('10.0.0.10/24'), '10.0.0.1') + self.assertEqual(vyos.template.first_host_address('10.0.0.255/24'), '10.0.0.1') + self.assertEqual(vyos.template.first_host_address('10.0.0.128/25'), '10.0.0.129') + self.assertEqual(vyos.template.first_host_address('2001:db8::/64'), '2001:db8::1') + self.assertEqual(vyos.template.first_host_address('2001:db8::1000/64'), '2001:db8::1') + self.assertEqual(vyos.template.first_host_address('2001:db8::ffff:ffff:ffff:ffff/64'), '2001:db8::1') def test_last_host_address(self): self.assertEqual(vyos.template.last_host_address('10.0.0.0/24'), '10.0.0.254') @@ -181,4 +185,3 @@ class TestVyOSTemplate(TestCase): for group_name, group_config in data['ike_group'].items(): ciphers = vyos.template.get_esp_ike_cipher(group_config) self.assertIn(IKEv2_DEFAULT, ','.join(ciphers)) - -- cgit v1.2.3