Skip to content

Update CIDR/Gateway of the Shared Networks from Guest IP ranges #11249

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
DaanHoogland merged 2 commits into from
Jul 29, 2025
Merged

Update CIDR/Gateway of the Shared Networks from Guest IP ranges #11249

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
46a6819
Update CIDR/Gateway of the shared network from the Guest IP range(s) …
sureshanaparti Jul 25, 2025
3fed0b8
code improvements
sureshanaparti Jul 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions engine/schema/src/main/resources/META-INF/db/schema-42010to42100.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -597,3 +597,8 @@ CALL `cloud`.`INSERT_EXTENSION_CUSTOM_ACTION_DETAILS_IF_NOT_EXISTS`(
'Resume',
'[]'
);

ALTER TABLE `cloud`.`networks` MODIFY COLUMN `cidr` varchar(255) DEFAULT NULL COMMENT 'CloudStack managed vms get IP address from cidr.In general this cidr also serves as the network CIDR. But in case IP reservation feature is being used by a Guest network, networkcidr is the Effective network CIDR for that network';
ALTER TABLE `cloud`.`networks` MODIFY COLUMN `gateway` varchar(255) DEFAULT NULL COMMENT 'gateway(s) for this network configuration';
ALTER TABLE `cloud`.`networks` MODIFY COLUMN `ip6_cidr` varchar(1024) DEFAULT NULL COMMENT 'IPv6 cidr(s) for this network';
ALTER TABLE `cloud`.`networks` MODIFY COLUMN `ip6_gateway` varchar(1024) DEFAULT NULL COMMENT 'IPv6 gateway(s) for this network';
54 changes: 27 additions & 27 deletions ...twork-elements/bigswitch/src/main/java/com/cloud/network/element/BigSwitchBcfElement.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -237,7 +237,7 @@ public boolean prepare(Network network, NicProfile nic, VirtualMachineProfile vm
// get arguments for CreateBcfAttachmentCommand
// determine whether this is VPC network or stand-alone network
Vpc vpc = null;
if(network.getVpcId()!=null){
if (network.getVpcId() != null) {
vpc = _vpcDao.acquireInLockTable(network.getVpcId());
}

Expand All @@ -264,7 +264,7 @@ public boolean prepare(Network network, NicProfile nic, VirtualMachineProfile vm
String vmwareVswitchLabel = _networkModel.getDefaultGuestTrafficLabel(zoneId, HypervisorType.VMware);
String[] labelArray = null;
String vswitchName = null;
if(vmwareVswitchLabel!=null){
if (vmwareVswitchLabel != null) {
labelArray=vmwareVswitchLabel.split(",");
vswitchName = labelArray[0];
}
Expand All @@ -273,9 +273,9 @@ public boolean prepare(Network network, NicProfile nic, VirtualMachineProfile vm
// kvm: ivs port name
// vmware: specific portgroup naming convention
String pgName = "";
if (dest.getHost().getHypervisorType() == HypervisorType.KVM){
if (dest.getHost().getHypervisorType() == HypervisorType.KVM) {
pgName = hostname;
} else if (dest.getHost().getHypervisorType() == HypervisorType.VMware){
} else if (dest.getHost().getHypervisorType() == HypervisorType.VMware) {
pgName = hostname + "-" + vswitchName;
}

Expand Down Expand Up @@ -306,7 +306,7 @@ public boolean release(Network network, NicProfile nic, VirtualMachineProfile vm
String nicId = nic.getUuid();

String tenantId;
if(network.getVpcId()!=null) {
if (network.getVpcId() != null) {
tenantId = network.getNetworkDomain();
} else {
tenantId = networkId;
Expand Down Expand Up @@ -439,16 +439,16 @@ public BigSwitchBcfDeviceVO addBigSwitchBcfDevice(AddBigSwitchBcfDeviceCmd cmd)

DataCenterVO zone = _zoneDao.findById(physicalNetwork.getDataCenterId());
String zoneName;
if(zone!= null){
if (zone != null) {
zoneName = zone.getName();
} else {
zoneName = String.valueOf(zoneId);
}

Boolean natNow = _bcfUtils.isNatEnabled();
if (!nat && natNow){
if (!nat && natNow) {
throw new CloudRuntimeException("NAT is enabled in existing controller. Enable NAT for new controller or remove existing controller first.");
} else if (nat && !natNow){
} else if (nat && !natNow) {
throw new CloudRuntimeException("NAT is disabled in existing controller. Disable NAT for new controller or remove existing controller first.");
}

Expand Down Expand Up @@ -582,7 +582,7 @@ public HostVO createHostVOForDirectConnectAgent(HostVO host, StartupCommand[] st
BigSwitchBcfResource bcfResource = (BigSwitchBcfResource) resource;
bcfUtilsInit();

if(_bcfUtils.getTopology()!=null){
if (_bcfUtils.getTopology() != null) {
bcfResource.setTopology(_bcfUtils.getTopology());
}

Expand Down Expand Up @@ -621,7 +621,7 @@ public boolean applyStaticNats(Network network,
_bcfUtils.listACLbyNetwork(network);

Vpc vpc = null;
if(network.getVpcId()!=null){
if (network.getVpcId() != null) {
vpc = _vpcDao.acquireInLockTable(network.getVpcId());
}

Expand All @@ -635,11 +635,11 @@ public boolean applyStaticNats(Network network,
tenantId = network.getUuid();
}

for (StaticNat rule: rules){
for (StaticNat rule: rules) {
String srcIp = _ipAddressDao.findById(rule.getSourceIpAddressId()).getAddress().addr();
String dstIp = rule.getDestIpAddress();
String mac = rule.getSourceMacAddress();
if(!rule.isForRevoke()) {
if (!rule.isForRevoke()) {
logger.debug("BCF enables static NAT for public IP: " + srcIp + " private IP " + dstIp
+ " mac " + mac);
CreateBcfStaticNatCommand cmd = new CreateBcfStaticNatCommand(
Expand Down Expand Up @@ -671,13 +671,13 @@ public boolean applyNetworkACLs(Network network,
SubnetUtils utils;
String cidr = null;
List<String> cidrList;
for(NetworkACLItem r: rules){
if(r.getState()==NetworkACLItem.State.Revoke){
for (NetworkACLItem r: rules) {
if (r.getState() == NetworkACLItem.State.Revoke) {
continue;
}
cidrList = r.getSourceCidrList();
if(cidrList != null){
if(cidrList.size()>1 || !r.getSourcePortEnd().equals(r.getSourcePortStart())){
if (cidrList != null) {
if (cidrList.size() > 1 || !r.getSourcePortEnd().equals(r.getSourcePortStart())) {
throw new ResourceUnavailableException("One CIDR and one port only please.",
Network.class, network.getId());
} else {
Expand All @@ -688,7 +688,7 @@ public boolean applyNetworkACLs(Network network,
cidr = "";
} else {
utils = new SubnetUtils(cidr);
if(!utils.getInfo().getNetworkAddress().equals(utils.getInfo().getAddress())){
if (!utils.getInfo().getNetworkAddress().equals(utils.getInfo().getAddress())) {
throw new ResourceUnavailableException("Invalid CIDR in Network ACL rule.",
Network.class, network.getId());
}
Expand All @@ -710,13 +710,13 @@ public boolean applyFWRules(Network network,
SubnetUtils utils;
String cidr = null;
List<String> cidrList;
for(FirewallRule r: rules){
if(r.getState()==FirewallRule.State.Revoke){
for (FirewallRule r: rules) {
if (r.getState() == FirewallRule.State.Revoke) {
continue;
}
cidrList = r.getSourceCidrList();
if(cidrList != null){
if(cidrList.size()>1 || !r.getSourcePortEnd().equals(r.getSourcePortStart())){
if (cidrList != null) {
if (cidrList.size()>1 || !r.getSourcePortEnd().equals(r.getSourcePortStart())) {
throw new ResourceUnavailableException("One CIDR and one port only please.",
Network.class, network.getId());
} else {
Expand All @@ -727,7 +727,7 @@ public boolean applyFWRules(Network network,
cidr = "";
} else {
utils = new SubnetUtils(cidr);
if(!utils.getInfo().getNetworkAddress().equals(utils.getInfo().getAddress())){
if (!utils.getInfo().getNetworkAddress().equals(utils.getInfo().getAddress())) {
throw new ResourceUnavailableException("Invalid CIDR in Firewall rule.",
Network.class, network.getId());
}
Expand All @@ -741,7 +741,7 @@ private void updateBcfRouter(Network network) throws IllegalArgumentException{
bcfUtilsInit();

Vpc vpc = null;
if(network.getVpcId()!=null){
if (network.getVpcId() != null) {
vpc = _vpcDao.acquireInLockTable(network.getVpcId());
}

Expand All @@ -756,23 +756,23 @@ private void updateBcfRouter(Network network) throws IllegalArgumentException{
UpdateBcfRouterCommand cmd = new UpdateBcfRouterCommand(tenantId);

List<AclData> aclList = _bcfUtils.listACLbyNetwork(network);
for(AclData acl: aclList){
for (AclData acl: aclList) {
cmd.addAcl(acl);
}

if(vpc != null){
if (vpc != null) {
cmd.setPublicIp(_bcfUtils.getPublicIpByVpc(vpc));
} else {
cmd.setPublicIp(_bcfUtils.getPublicIpByNetwork(network));
}

BcfAnswer answer = _bcfUtils.sendBcfCommandWithNetworkSyncCheck(cmd, network);
if(answer != null && !answer.getResult()){
if (answer != null && !answer.getResult()) {
throw new IllegalArgumentException("Illegal router update arguments");
}
}

private void bcfUtilsInit(){
private void bcfUtilsInit() {
if (_bcfUtils == null) {
_bcfUtils = new BigSwitchBcfUtils(_networkDao, _nicDao,
_vmDao, _hostDao, _vpcDao, _bigswitchBcfDao,
Expand Down
17 changes: 9 additions & 8 deletions server/src/main/java/com/cloud/api/ApiResponseHelper.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2541,10 +2541,11 @@ public NetworkResponse createNetworkResponse(ResponseView view, Network network)
response.setType(network.getGuestType().toString());
}

response.setGateway(network.getGateway());
response.setGateway(com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(network.getGateway()));
String cidr = com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(network.getCidr());

// FIXME - either set netmask or cidr
response.setCidr(network.getCidr());
response.setCidr(cidr);
if (network.getNetworkCidr() != null) {
response.setNetworkCidr((network.getNetworkCidr()));
}
Expand All @@ -2555,18 +2556,18 @@ public NetworkResponse createNetworkResponse(ResponseView view, Network network)
if (network.getNetworkCidr() != null) {
response.setNetmask(NetUtils.cidr2Netmask(network.getNetworkCidr()));
}
if (((network.getCidr()) != null) && (network.getNetworkCidr() == null)) {
response.setNetmask(NetUtils.cidr2Netmask(network.getCidr()));
if ((cidr != null) && (network.getNetworkCidr() == null)) {
response.setNetmask(NetUtils.cidr2Netmask(cidr));
}

response.setIp6Gateway(network.getIp6Gateway());
response.setIp6Cidr(network.getIp6Cidr());
response.setIp6Gateway(com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(network.getIp6Gateway()));
response.setIp6Cidr(com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(network.getIp6Cidr()));

// create response for reserved IP ranges that can be used for
// non-cloudstack purposes
String reservation = null;
if ((network.getCidr() != null) && (NetUtils.isNetworkAWithinNetworkB(network.getCidr(), network.getNetworkCidr()))) {
String[] guestVmCidrPair = network.getCidr().split("\\/");
if ((cidr != null) && (NetUtils.isNetworkAWithinNetworkB(cidr, network.getNetworkCidr()))) {
String[] guestVmCidrPair = cidr.split("\\/");
String[] guestCidrPair = network.getNetworkCidr().split("\\/");

Long guestVmCidrSize = Long.valueOf(guestVmCidrPair[1]);
Expand Down
68 changes: 68 additions & 0 deletions server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5370,9 +5370,42 @@ public Vlan createVlanAndPublicIpRange(final long zoneId, final long networkId,
final VlanVO vlan = commitVlanAndIpRange(zoneId, networkId, physicalNetworkId, podId, startIP, endIP, vlanGateway, vlanNetmask, vlanId, domain, vlanOwner, vlanIp6Gateway, vlanIp6Cidr,
ipv4, zone, vlanType, ipv6Range, ipRange, forSystemVms, provider);

if (vlan != null) {
if (ipv4) {
addCidrAndGatewayForIpv4(networkId, vlanGateway, vlanNetmask);
} else if (ipv6) {
addCidrAndGatewayForIpv6(networkId, vlanIp6Gateway, vlanIp6Cidr);
}
}

return vlan;
}

private void addCidrAndGatewayForIpv4(final long networkId, final String vlanGateway, final String vlanNetmask) {
final NetworkVO networkVO = _networkDao.findById(networkId);
String networkCidr = networkVO.getCidr();
String newCidr = NetUtils.getCidrFromGatewayAndNetmask(vlanGateway, vlanNetmask);
String newNetworkCidr = com.cloud.utils.StringUtils.updateCommaSeparatedStringWithValue(networkCidr, newCidr, true);
networkVO.setCidr(newNetworkCidr);

String networkGateway = networkVO.getGateway();
String newNetworkGateway = com.cloud.utils.StringUtils.updateCommaSeparatedStringWithValue(networkGateway, vlanGateway, true);
networkVO.setGateway(newNetworkGateway);
_networkDao.update(networkId, networkVO);
}

private void addCidrAndGatewayForIpv6(final long networkId, final String vlanIp6Gateway, final String vlanIp6Cidr) {
final NetworkVO networkVO = _networkDao.findById(networkId);
String networkIp6Cidr = networkVO.getIp6Cidr();
String newNetworkIp6Cidr = com.cloud.utils.StringUtils.updateCommaSeparatedStringWithValue(networkIp6Cidr, vlanIp6Cidr, true);
networkVO.setIp6Cidr(newNetworkIp6Cidr);

String networkIp6Gateway = networkVO.getIp6Gateway();
String newNetworkIp6Gateway = com.cloud.utils.StringUtils.updateCommaSeparatedStringWithValue(networkIp6Gateway, vlanIp6Gateway, true);
networkVO.setIp6Gateway(newNetworkIp6Gateway);
_networkDao.update(networkId, networkVO);
}

private boolean isConnectivityWithoutVlan(Network network) {
boolean connectivityWithoutVlan = false;
if (_networkModel.areServicesSupportedInNetwork(network.getId(), Service.Connectivity)) {
Expand Down Expand Up @@ -6413,12 +6446,47 @@ public boolean deleteVlanIpRange(final DeleteVlanIpRangeCmd cmd) {
private boolean deleteAndPublishVlanAndPublicIpRange(final long userId, final long vlanDbId, final Account caller) {
VlanVO deletedVlan = deleteVlanAndPublicIpRange(userId, vlanDbId, caller);
if (deletedVlan != null) {
final boolean ipv4 = deletedVlan.getVlanGateway() != null;
final boolean ipv6 = deletedVlan.getIp6Gateway() != null;
final long networkId = deletedVlan.getNetworkId();

if (ipv4) {
removeCidrAndGatewayForIpv4(networkId, deletedVlan);
} else if (ipv6) {
removeCidrAndGatewayForIpv6(networkId, deletedVlan);
}

messageBus.publish(_name, MESSAGE_DELETE_VLAN_IP_RANGE_EVENT, PublishScope.LOCAL, deletedVlan);
return true;
}
return false;
}

private void removeCidrAndGatewayForIpv4(final long networkId, VlanVO deletedVlan) {
final NetworkVO networkVO = _networkDao.findById(networkId);
String networkCidr = networkVO.getCidr();
String cidrToRemove = NetUtils.getCidrFromGatewayAndNetmask(deletedVlan.getVlanGateway(), deletedVlan.getVlanNetmask());
String newNetworkCidr = com.cloud.utils.StringUtils.updateCommaSeparatedStringWithValue(networkCidr, cidrToRemove, false);
networkVO.setCidr(newNetworkCidr);

String networkGateway = networkVO.getGateway();
String newNetworkGateway = com.cloud.utils.StringUtils.updateCommaSeparatedStringWithValue(networkGateway, deletedVlan.getVlanGateway(), false);
networkVO.setGateway(newNetworkGateway);
_networkDao.update(networkId, networkVO);
}

private void removeCidrAndGatewayForIpv6(final long networkId, VlanVO deletedVlan) {
final NetworkVO networkVO = _networkDao.findById(networkId);
String networkIp6Cidr = networkVO.getIp6Cidr();
String newNetworkIp6Cidr = com.cloud.utils.StringUtils.updateCommaSeparatedStringWithValue(networkIp6Cidr, deletedVlan.getIp6Cidr(), false);
networkVO.setIp6Cidr(newNetworkIp6Cidr);

String networkIp6Gateway = networkVO.getIp6Gateway();
String newNetworkIp6Gateway = com.cloud.utils.StringUtils.updateCommaSeparatedStringWithValue(networkIp6Gateway, deletedVlan.getIp6Gateway(), false);
networkVO.setIp6Gateway(newNetworkIp6Gateway);
_networkDao.update(networkId, networkVO);
}

@Override
public void checkDiskOfferingAccess(final Account caller, final DiskOffering dof, DataCenter zone) {
for (final SecurityChecker checker : _secChecker) {
Expand Down
52 changes: 52 additions & 0 deletions utils/src/main/java/com/cloud/utils/StringUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,14 +24,17 @@
import com.fasterxml.jackson.databind.ObjectMapper;

import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

public class StringUtils extends org.apache.commons.lang3.StringUtils {
private static final char[] hexChar = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
Expand Down Expand Up @@ -409,4 +412,53 @@ public static String[] splitCommaSeparatedStrings(String... tags) {
String[] finalMergedTagsArray = appendedTags.split(",");
return finalMergedTagsArray;
}


/**
* Converts the comma separated numbers and ranges to numbers
* @param originalString the original string (can be null or empty) containing list of comma separated values that has to be updated
* @param value the value to add to, or remove from the original string
* @param add if true, adds the input value; if false, removes it
* @return String containing the modified original string (or null if empty)
*/
public static String updateCommaSeparatedStringWithValue(String originalString, String value, boolean add) {
if (org.apache.commons.lang3.StringUtils.isEmpty(value)) {
return originalString;
}

Set<String> values = new LinkedHashSet<>();

if (org.apache.commons.lang3.StringUtils.isNotEmpty(originalString)) {
values.addAll(Arrays.stream(originalString.split(","))
.map(String::trim)
.filter(s -> !s.isEmpty())
.collect(Collectors.toList()));
}

if (add) {
values.add(value);
} else {
values.remove(value);
}

return values.isEmpty() ? null : String.join(",", values);
}

/**
* Returns the first value from a comma-separated string.
* @param inputString the input string (can be null or empty) containing list of comma separated values
* @return the first value, or null if none found
*/
public static String getFirstValueFromCommaSeparatedString(String inputString) {
if (org.apache.commons.lang3.StringUtils.isEmpty(inputString)) {
return inputString;
}

String[] values = inputString.split(",");
if (values.length > 0) {
return values[0].trim();
}

return null;
}
}
Loading