Hi,
I encountered a method isNetworkAWithinNetworkB(cidrA, cidrB) in NetUtils.java
which should return true if cidrA is a subset of cidrB.
The method returns flawed output in many scenarios. After unittesting it I
found :
isNetworkAWithinNetworkB("10.1.1.0/24", "10.1.1.0/25") returns true
isNetworkAWithinNetworkB("10.1.1.0/25", "10.1.1.0/24") returns true
isNetworkAWithinNetworkB("10.1.1.0/23", "10.1.1.0/22") returns true
isNetworkAWithinNetworkB("10.1.1.0/22", "10.1.1.0/23") returns true
Due to this I am able to create VPC tiers with cidr 10.1.0.0/24 even when the
VPC super cidr has been defined as 10.1.1.0/25
IMO the simpler/cleaner way to compare cidrs should be to compare the
respective IP ranges. I have an old patch [1] in RB which uses the IP ranges to
compare 2 cidrs.
We could leverage that to replace isNetworkAWithinNetworkB() or in case of any
other suggestions please share.
Thanks,
Saksham
[1] https://reviews.apache.org/r/14124/diff/#index_header
