1+ # Test NetworkAdmin users can create pools with overlapping subnets in different layer3domains
2+ # Make sure the user exists
3+ # as user netadmin
4+ $ ndcli login -u netadmin -p p
5+
6+ # as user admin
7+ # Create NetworkAdmin user
8+ $ ndcli create user-group networkadmins
9+ $ ndcli modify user-group networkadmins add user netadmin
10+ $ ndcli modify user-group networkadmins grant network_admin
11+
12+ # Create two layer3domains
13+ $ ndcli create layer3domain domain1 type vrf rd 0 : 1
14+ $ ndcli create layer3domain domain2 type vrf rd 0 : 2
15+
16+ # Create containers in both domains to support the pools
17+ $ ndcli create container 10.0 . 0. 0/ 8 layer3domain domain1
18+ INFO - Creating container 10.0 . 0. 0/ 8 in layer3domain domain1
19+ $ ndcli create container 10.0 . 0. 0/ 8 layer3domain domain2
20+ INFO - Creating container 10.0 . 0. 0/ 8 in layer3domain domain2
21+
22+ # Test: NetworkAdmin should be able to create pools in different layer3domains
23+ $ ndcli create pool pool1 layer3domain domain1 -u netadmin
24+ $ ndcli create pool pool2 layer3domain domain2 -u netadmin
25+
26+ # Test: NetworkAdmin should be able to add overlapping subnets with --allow-overlap
27+ $ ndcli modify pool pool1 add subnet 10.0 . 1. 0/ 24 -u netadmin
28+ INFO - Created subnet 10.0 . 1. 0/ 24 in layer3domain domain1
29+ WARNING - Creating zone 1.0 . 10. in-addr. arpa without profile
30+ WARNING - Primary NS for this Domain is now localhost.
31+
32+ $ ndcli modify pool pool2 add subnet 10.0 . 1. 0/ 24 -- allow-overlap -u netadmin
33+ INFO - Created subnet 10.0 . 1. 0/ 24 in layer3domain domain2
34+ WARNING - 10.0 . 1. 0/ 24 in layer3domain domain2 overlaps with 10.0 . 1. 0/ 24 in layer3domain domain1
35+ INFO - Creating view domain2 in zone 1.0 . 10. in-addr. arpa without profile
36+
37+ # Test: Should work without --allow-overlap if subnets don't overlap
38+ $ ndcli modify pool pool1 add subnet 10.0 . 2. 0/ 24 -u netadmin
39+ INFO - Created subnet 10.0 . 2. 0/ 24 in layer3domain domain1
40+ WARNING - Creating zone 2.0 . 10. in-addr. arpa without profile
41+ WARNING - Primary NS for this Domain is now localhost.
42+
43+ $ ndcli modify pool pool2 add subnet 10.0 . 3. 0/ 24 -u netadmin
44+ INFO - Created subnet 10.0 . 3. 0/ 24 in layer3domain domain2
45+ WARNING - Creating zone 3.0 . 10. in-addr. arpa without profile
46+ WARNING - Primary NS for this Domain is now localhost.
47+
48+ # Test: Pool operations should work for NetworkAdmin
49+ $ ndcli list pools -u netadmin
50+ name vlan subnets layer3domain
51+ pool1 10.0 . 1. 0/ 24 10.0 . 2. 0/ 24 domain1
52+ pool2 10.0 . 1. 0/ 24 10.0 . 3. 0/ 24 domain2
53+
54+ $ ndcli list pool pool1 subnets -u netadmin
55+ INFO - Total free IPs: 508
56+ prio subnet gateway free total
57+ 1 10.0 . 1. 0/ 24 254 256
58+ 2 10.0 . 2. 0/ 24 254 256
59+
60+ $ ndcli list pool pool2 subnets -u netadmin
61+ INFO - Total free IPs: 508
62+ prio subnet gateway free total
63+ 1 10.0 . 1. 0/ 24 254 256
64+ 2 10.0 . 3. 0/ 24 254 256
65+
66+ # Clean up
67+ $ ndcli modify pool pool1 remove subnet 10.0 . 1. 0/ 24 -f
68+ $ ndcli modify pool pool1 remove subnet 10.0 . 2. 0/ 24 -f
69+ $ ndcli modify pool pool2 remove subnet 10.0 . 1. 0/ 24 -f
70+ $ ndcli modify pool pool2 remove subnet 10.0 . 3. 0/ 24 -f
71+ $ ndcli delete pool pool1
72+ $ ndcli delete pool pool2
73+ $ ndcli delete container 10.0 . 0. 0/ 8 layer3domain domain1
74+ INFO - Deleting container 10.0 . 0. 0/ 8 from layer3domain domain1
75+ $ ndcli delete container 10.0 . 0. 0/ 8 layer3domain domain2
76+ INFO - Deleting container 10.0 . 0. 0/ 8 from layer3domain domain2
77+ $ ndcli delete layer3domain domain1
78+ $ ndcli delete layer3domain domain2
79+ $ ndcli delete user-group networkadmins
0 commit comments