From ee9e52676409b2e428a816ac59f42f5ba61089dd Mon Sep 17 00:00:00 2001 From: Alex Nordlund Date: Mon, 5 Jul 2021 16:54:13 +0200 Subject: [PATCH] Only check if route overlaps routes with scope: LINK Signed-off-by: Alex Nordlund --- libnetwork/netutils/utils_linux.go | 2 +- libnetwork/netutils/utils_linux_test.go | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/libnetwork/netutils/utils_linux.go b/libnetwork/netutils/utils_linux.go index 6de60a87ff..204c47ade7 100644 --- a/libnetwork/netutils/utils_linux.go +++ b/libnetwork/netutils/utils_linux.go @@ -31,7 +31,7 @@ func CheckRouteOverlaps(toCheck *net.IPNet) error { return err } for _, network := range networks { - if network.Dst != nil && NetworkOverlaps(toCheck, network.Dst) { + if network.Dst != nil && network.Scope == netlink.SCOPE_LINK && NetworkOverlaps(toCheck, network.Dst) { return ErrNetworkOverlaps } } diff --git a/libnetwork/netutils/utils_linux_test.go b/libnetwork/netutils/utils_linux_test.go index 271c872b25..ae9c42bc8a 100644 --- a/libnetwork/netutils/utils_linux_test.go +++ b/libnetwork/netutils/utils_linux_test.go @@ -46,8 +46,11 @@ func TestCheckRouteOverlaps(t *testing.T) { routes := []netlink.Route{} for _, addr := range routesData { _, netX, _ := net.ParseCIDR(addr) - routes = append(routes, netlink.Route{Dst: netX}) + routes = append(routes, netlink.Route{Dst: netX, Scope: netlink.SCOPE_LINK}) } + // Add a route with a scope which should not overlap + _, netX, _ := net.ParseCIDR("10.0.5.0/24") + routes = append(routes, netlink.Route{Dst: netX, Scope: netlink.SCOPE_UNIVERSE}) return routes, nil } defer func() { networkGetRoutesFct = nil }() @@ -61,6 +64,11 @@ func TestCheckRouteOverlaps(t *testing.T) { if err := CheckRouteOverlaps(netX); err == nil { t.Fatal("10.0.2.0/24 and 10.0.2.0 should overlap but it doesn't") } + + _, netX, _ = net.ParseCIDR("10.0.5.0/24") + if err := CheckRouteOverlaps(netX); err != nil { + t.Fatal("10.0.5.0/24 and 10.0.5.0 with scope UNIVERSE should not overlap but it does") + } } func TestCheckNameserverOverlaps(t *testing.T) {