From 503f468366fc28720208aeee957bfb32a50a60d8 Mon Sep 17 00:00:00 2001
From: Pau Espin Pedrol <pespin@sysmocom.de>
Date: Fri, 13 Oct 2017 14:32:09 +0200
Subject: ippool: Implement and use blacklist instead of blindly using
 IPPOOL_NOGATEWAY

Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.

Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.

However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.

Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
---
 tests/lib/ippool_test.c   |  40 ++++---
 tests/lib/ippool_test.err |   2 +
 tests/lib/ippool_test.ok  | 264 +++++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 288 insertions(+), 18 deletions(-)

(limited to 'tests/lib')

diff --git a/tests/lib/ippool_test.c b/tests/lib/ippool_test.c
index 1d0c3a2..04306ef 100644
--- a/tests/lib/ippool_test.c
+++ b/tests/lib/ippool_test.c
@@ -13,36 +13,46 @@
 #include "../../lib/syserr.h"
 
 
-static struct ippool_t *create_pool(const char *prefix_str, unsigned int flags)
+static struct ippool_t *create_pool(const char *prefix_str, unsigned int flags, char **blacklist, size_t blacklist_size)
 {
+	struct in46_prefix *blacklist_pfx;
 	struct ippool_t *pool;
 	struct in46_prefix pfx;
 	size_t t;
 	int rc;
 
+	blacklist_pfx = calloc(blacklist_size, sizeof(struct in46_prefix));
+	for (int i = 0; i < blacklist_size; i++) {
+		rc = ippool_aton(&blacklist_pfx[i].addr, &t, blacklist[i], 0);
+		OSMO_ASSERT(rc == 0);
+		pfx.prefixlen = t;
+	}
+
 	/* dynamic-only v4 */
 
-	rc = ippool_aton(&pfx.addr, &t, prefix_str, flags);
+	rc = ippool_aton(&pfx.addr, &t, prefix_str, 0);
 	OSMO_ASSERT(rc == 0);
 	pfx.prefixlen = t;
 
-	rc = ippool_new(&pool, &pfx, NULL, flags);
+	rc = ippool_new(&pool, &pfx, NULL, flags, blacklist_pfx, blacklist_size);
 	OSMO_ASSERT(rc == 0);
 
 	//ippool_printaddr(pool);
 
+	free(blacklist_pfx);
+
 	return pool;
 }
 
-static int test_pool_size(const char *pfx, unsigned int flags, unsigned int expected_size)
+static void test_pool_size(const char *pfx, unsigned int flags, char **blacklist, size_t blacklist_size, unsigned int expected_size)
 {
 	struct ippool_t *pool;
 	struct ippoolm_t *member;
 	struct in46_addr addr;
 	int i, rc, n;
 
-	printf("testing pool for prefix %s, flags=0x%x, expected_size=%u\n", pfx, flags, expected_size);
-	pool = create_pool(pfx, flags);
+	printf("testing pool for prefix %s, flags=0x%x, blacklist_size=%lu, expected_size=%u\n", pfx, flags, blacklist_size, expected_size);
+	pool = create_pool(pfx, flags, blacklist, blacklist_size);
 	OSMO_ASSERT(pool->listsize == expected_size);
 
 	memset(&addr, 0, sizeof(addr));
@@ -88,24 +98,28 @@ static int test_pool_size(const char *pfx, unsigned int flags, unsigned int expe
 	ippool_free(pool);
 }
 
-static int test_pool_sizes(void)
+static void test_pool_sizes(void)
 {
-	struct ippool_t *pool;
 
 	/* 256 addresses [0..255] */
-	test_pool_size("192.168.23.0/24", 0, 256);
+	test_pool_size("192.168.23.0/24", 0, NULL, 0, 256);
 
 	/* 255 addresses [1..255] */
-	test_pool_size("192.168.23.0/24", IPPOOL_NONETWORK, 255);
+	test_pool_size("192.168.23.0/24", IPPOOL_NONETWORK, NULL, 0, 255);
 
 	/* 254 addresses [1..254] */
-	test_pool_size("192.168.23.0/24", IPPOOL_NONETWORK | IPPOOL_NOBROADCAST, 254);
+	test_pool_size("192.168.23.0/24", IPPOOL_NONETWORK | IPPOOL_NOBROADCAST, NULL, 0, 254);
 
 	/* 65534 addresses [0.1..255.254] */
-	test_pool_size("192.168.0.0/16", IPPOOL_NONETWORK | IPPOOL_NOBROADCAST, 65534);
+	test_pool_size("192.168.0.0/16", IPPOOL_NONETWORK | IPPOOL_NOBROADCAST, NULL, 0, 65534);
 
 	/* 256 prefixes of /64 each */
-	test_pool_size("2001:DB8::/56", 0, 256);
+	test_pool_size("2001:DB8::/56", 0, NULL, 0, 256);
+
+	/* 253 addresses [1..254] & exclude 192.168.23.1/24 */
+	char *blacklist[] = {"176.16.222.10/24", "192.168.23.1/24", "192.168.38.2/24"};
+	test_pool_size("192.168.23.0/24", IPPOOL_NONETWORK | IPPOOL_NOBROADCAST, blacklist, 3, 253);
+
 }
 
 int main(int argc, char **argv)
diff --git a/tests/lib/ippool_test.err b/tests/lib/ippool_test.err
index 7dc5371..b11c12a 100644
--- a/tests/lib/ippool_test.err
+++ b/tests/lib/ippool_test.err
@@ -8,3 +8,5 @@ No more IP addresses available
 No more IP addresses available
 No more IP addresses available
 No more IP addresses available
+No more IP addresses available
+No more IP addresses available
diff --git a/tests/lib/ippool_test.ok b/tests/lib/ippool_test.ok
index a0eeb4b..263494e 100644
--- a/tests/lib/ippool_test.ok
+++ b/tests/lib/ippool_test.ok
@@ -1,4 +1,4 @@
-testing pool for prefix 192.168.23.0/24, flags=0x0, expected_size=256
+testing pool for prefix 192.168.23.0/24, flags=0x0, blacklist_size=0, expected_size=256
 allocated address 192.168.23.0
 allocated address 192.168.23.1
 allocated address 192.168.23.2
@@ -255,7 +255,7 @@ allocated address 192.168.23.252
 allocated address 192.168.23.253
 allocated address 192.168.23.254
 allocated address 192.168.23.255
-testing pool for prefix 192.168.23.0/24, flags=0x1, expected_size=255
+testing pool for prefix 192.168.23.0/24, flags=0x1, blacklist_size=0, expected_size=255
 allocated address 192.168.23.1
 allocated address 192.168.23.2
 allocated address 192.168.23.3
@@ -511,7 +511,7 @@ allocated address 192.168.23.252
 allocated address 192.168.23.253
 allocated address 192.168.23.254
 allocated address 192.168.23.255
-testing pool for prefix 192.168.23.0/24, flags=0x3, expected_size=254
+testing pool for prefix 192.168.23.0/24, flags=0x3, blacklist_size=0, expected_size=254
 allocated address 192.168.23.1
 allocated address 192.168.23.2
 allocated address 192.168.23.3
@@ -766,7 +766,7 @@ allocated address 192.168.23.251
 allocated address 192.168.23.252
 allocated address 192.168.23.253
 allocated address 192.168.23.254
-testing pool for prefix 192.168.0.0/16, flags=0x3, expected_size=65534
+testing pool for prefix 192.168.0.0/16, flags=0x3, blacklist_size=0, expected_size=65534
 allocated address 192.168.0.1
 allocated address 192.168.0.2
 allocated address 192.168.0.3
@@ -66301,7 +66301,7 @@ allocated address 192.168.255.251
 allocated address 192.168.255.252
 allocated address 192.168.255.253
 allocated address 192.168.255.254
-testing pool for prefix 2001:DB8::/56, flags=0x0, expected_size=256
+testing pool for prefix 2001:DB8::/56, flags=0x0, blacklist_size=0, expected_size=256
 allocated address 2001:db8::
 allocated address 2001:db8:0:1::
 allocated address 2001:db8:0:2::
@@ -66558,3 +66558,257 @@ allocated address 2001:db8:0:fc::
 allocated address 2001:db8:0:fd::
 allocated address 2001:db8:0:fe::
 allocated address 2001:db8:0:ff::
+testing pool for prefix 192.168.23.0/24, flags=0x3, blacklist_size=3, expected_size=253
+allocated address 192.168.23.2
+allocated address 192.168.23.3
+allocated address 192.168.23.4
+allocated address 192.168.23.5
+allocated address 192.168.23.6
+allocated address 192.168.23.7
+allocated address 192.168.23.8
+allocated address 192.168.23.9
+allocated address 192.168.23.10
+allocated address 192.168.23.11
+allocated address 192.168.23.12
+allocated address 192.168.23.13
+allocated address 192.168.23.14
+allocated address 192.168.23.15
+allocated address 192.168.23.16
+allocated address 192.168.23.17
+allocated address 192.168.23.18
+allocated address 192.168.23.19
+allocated address 192.168.23.20
+allocated address 192.168.23.21
+allocated address 192.168.23.22
+allocated address 192.168.23.23
+allocated address 192.168.23.24
+allocated address 192.168.23.25
+allocated address 192.168.23.26
+allocated address 192.168.23.27
+allocated address 192.168.23.28
+allocated address 192.168.23.29
+allocated address 192.168.23.30
+allocated address 192.168.23.31
+allocated address 192.168.23.32
+allocated address 192.168.23.33
+allocated address 192.168.23.34
+allocated address 192.168.23.35
+allocated address 192.168.23.36
+allocated address 192.168.23.37
+allocated address 192.168.23.38
+allocated address 192.168.23.39
+allocated address 192.168.23.40
+allocated address 192.168.23.41
+allocated address 192.168.23.42
+allocated address 192.168.23.43
+allocated address 192.168.23.44
+allocated address 192.168.23.45
+allocated address 192.168.23.46
+allocated address 192.168.23.47
+allocated address 192.168.23.48
+allocated address 192.168.23.49
+allocated address 192.168.23.50
+allocated address 192.168.23.51
+allocated address 192.168.23.52
+allocated address 192.168.23.53
+allocated address 192.168.23.54
+allocated address 192.168.23.55
+allocated address 192.168.23.56
+allocated address 192.168.23.57
+allocated address 192.168.23.58
+allocated address 192.168.23.59
+allocated address 192.168.23.60
+allocated address 192.168.23.61
+allocated address 192.168.23.62
+allocated address 192.168.23.63
+allocated address 192.168.23.64
+allocated address 192.168.23.65
+allocated address 192.168.23.66
+allocated address 192.168.23.67
+allocated address 192.168.23.68
+allocated address 192.168.23.69
+allocated address 192.168.23.70
+allocated address 192.168.23.71
+allocated address 192.168.23.72
+allocated address 192.168.23.73
+allocated address 192.168.23.74
+allocated address 192.168.23.75
+allocated address 192.168.23.76
+allocated address 192.168.23.77
+allocated address 192.168.23.78
+allocated address 192.168.23.79
+allocated address 192.168.23.80
+allocated address 192.168.23.81
+allocated address 192.168.23.82
+allocated address 192.168.23.83
+allocated address 192.168.23.84
+allocated address 192.168.23.85
+allocated address 192.168.23.86
+allocated address 192.168.23.87
+allocated address 192.168.23.88
+allocated address 192.168.23.89
+allocated address 192.168.23.90
+allocated address 192.168.23.91
+allocated address 192.168.23.92
+allocated address 192.168.23.93
+allocated address 192.168.23.94
+allocated address 192.168.23.95
+allocated address 192.168.23.96
+allocated address 192.168.23.97
+allocated address 192.168.23.98
+allocated address 192.168.23.99
+allocated address 192.168.23.100
+allocated address 192.168.23.101
+allocated address 192.168.23.102
+allocated address 192.168.23.103
+allocated address 192.168.23.104
+allocated address 192.168.23.105
+allocated address 192.168.23.106
+allocated address 192.168.23.107
+allocated address 192.168.23.108
+allocated address 192.168.23.109
+allocated address 192.168.23.110
+allocated address 192.168.23.111
+allocated address 192.168.23.112
+allocated address 192.168.23.113
+allocated address 192.168.23.114
+allocated address 192.168.23.115
+allocated address 192.168.23.116
+allocated address 192.168.23.117
+allocated address 192.168.23.118
+allocated address 192.168.23.119
+allocated address 192.168.23.120
+allocated address 192.168.23.121
+allocated address 192.168.23.122
+allocated address 192.168.23.123
+allocated address 192.168.23.124
+allocated address 192.168.23.125
+allocated address 192.168.23.126
+allocated address 192.168.23.127
+allocated address 192.168.23.128
+allocated address 192.168.23.129
+allocated address 192.168.23.130
+allocated address 192.168.23.131
+allocated address 192.168.23.132
+allocated address 192.168.23.133
+allocated address 192.168.23.134
+allocated address 192.168.23.135
+allocated address 192.168.23.136
+allocated address 192.168.23.137
+allocated address 192.168.23.138
+allocated address 192.168.23.139
+allocated address 192.168.23.140
+allocated address 192.168.23.141
+allocated address 192.168.23.142
+allocated address 192.168.23.143
+allocated address 192.168.23.144
+allocated address 192.168.23.145
+allocated address 192.168.23.146
+allocated address 192.168.23.147
+allocated address 192.168.23.148
+allocated address 192.168.23.149
+allocated address 192.168.23.150
+allocated address 192.168.23.151
+allocated address 192.168.23.152
+allocated address 192.168.23.153
+allocated address 192.168.23.154
+allocated address 192.168.23.155
+allocated address 192.168.23.156
+allocated address 192.168.23.157
+allocated address 192.168.23.158
+allocated address 192.168.23.159
+allocated address 192.168.23.160
+allocated address 192.168.23.161
+allocated address 192.168.23.162
+allocated address 192.168.23.163
+allocated address 192.168.23.164
+allocated address 192.168.23.165
+allocated address 192.168.23.166
+allocated address 192.168.23.167
+allocated address 192.168.23.168
+allocated address 192.168.23.169
+allocated address 192.168.23.170
+allocated address 192.168.23.171
+allocated address 192.168.23.172
+allocated address 192.168.23.173
+allocated address 192.168.23.174
+allocated address 192.168.23.175
+allocated address 192.168.23.176
+allocated address 192.168.23.177
+allocated address 192.168.23.178
+allocated address 192.168.23.179
+allocated address 192.168.23.180
+allocated address 192.168.23.181
+allocated address 192.168.23.182
+allocated address 192.168.23.183
+allocated address 192.168.23.184
+allocated address 192.168.23.185
+allocated address 192.168.23.186
+allocated address 192.168.23.187
+allocated address 192.168.23.188
+allocated address 192.168.23.189
+allocated address 192.168.23.190
+allocated address 192.168.23.191
+allocated address 192.168.23.192
+allocated address 192.168.23.193
+allocated address 192.168.23.194
+allocated address 192.168.23.195
+allocated address 192.168.23.196
+allocated address 192.168.23.197
+allocated address 192.168.23.198
+allocated address 192.168.23.199
+allocated address 192.168.23.200
+allocated address 192.168.23.201
+allocated address 192.168.23.202
+allocated address 192.168.23.203
+allocated address 192.168.23.204
+allocated address 192.168.23.205
+allocated address 192.168.23.206
+allocated address 192.168.23.207
+allocated address 192.168.23.208
+allocated address 192.168.23.209
+allocated address 192.168.23.210
+allocated address 192.168.23.211
+allocated address 192.168.23.212
+allocated address 192.168.23.213
+allocated address 192.168.23.214
+allocated address 192.168.23.215
+allocated address 192.168.23.216
+allocated address 192.168.23.217
+allocated address 192.168.23.218
+allocated address 192.168.23.219
+allocated address 192.168.23.220
+allocated address 192.168.23.221
+allocated address 192.168.23.222
+allocated address 192.168.23.223
+allocated address 192.168.23.224
+allocated address 192.168.23.225
+allocated address 192.168.23.226
+allocated address 192.168.23.227
+allocated address 192.168.23.228
+allocated address 192.168.23.229
+allocated address 192.168.23.230
+allocated address 192.168.23.231
+allocated address 192.168.23.232
+allocated address 192.168.23.233
+allocated address 192.168.23.234
+allocated address 192.168.23.235
+allocated address 192.168.23.236
+allocated address 192.168.23.237
+allocated address 192.168.23.238
+allocated address 192.168.23.239
+allocated address 192.168.23.240
+allocated address 192.168.23.241
+allocated address 192.168.23.242
+allocated address 192.168.23.243
+allocated address 192.168.23.244
+allocated address 192.168.23.245
+allocated address 192.168.23.246
+allocated address 192.168.23.247
+allocated address 192.168.23.248
+allocated address 192.168.23.249
+allocated address 192.168.23.250
+allocated address 192.168.23.251
+allocated address 192.168.23.252
+allocated address 192.168.23.253
+allocated address 192.168.23.254
-- 
cgit v1.2.3