Skip to content

Fix: Use 'subnet_of' instead of 'overlaps' for reserved IP range check#3223

Merged
ipspace merged 3 commits intodevfrom
fix-reserved-check
Mar 22, 2026
Merged

Fix: Use 'subnet_of' instead of 'overlaps' for reserved IP range check#3223
ipspace merged 3 commits intodevfrom
fix-reserved-check

Conversation

@ipspace
Copy link
Owner

@ipspace ipspace commented Mar 21, 2026

The checks of reserved IP ranges used 'overlaps' function which triggered an error even when '0.0.0.0/0' was compared to '0.0.0.0/8'

Fixes #3214

@ipspace
Fix: Use 'subnet_of' instead of 'overlaps' for reserved IP range check
7f60a7a 
The checks of reserved IP ranges used 'overlaps' function which
triggered an error even when '0.0.0.0/0' was compared to '0.0.0.0/8'

Fixes #3214
@ipspace ipspace requested review from Copilot and jbemmel March 21, 2026 18:58
Copilot AI reviewed Mar 21, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes IPv4 reserved-range validation so that supernets like 0.0.0.0/0 are not incorrectly rejected as “in” a smaller reserved block, aligning bgp.originate behavior with expected default-route use cases (issue #3214).

Changes:

  • Switch reserved-range detection from overlaps() to subnet_of() to avoid false positives for supernets (e.g. 0.0.0.0/0).
  • Extend IPv4 reserved ranges to include Class E (240.0.0.0/4).

@ipspace
User-friendly classification of 240.0.0.0/4
64215bb 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
jbemmel
jbemmel approved these changes Mar 22, 2026
View reviewed changes
Copy link
Collaborator

@jbemmel jbemmel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think a regression test case for bgp.originate: 0.0.0.0/0 would be good; we may also want to consider deprecating bgp.session default_originate, in favor of this more intuitive (imho) version

@ipspace
Copy link
Owner Author

ipspace commented Mar 22, 2026

we may also want to consider deprecating bgp.session default_originate, in favor of this more intuitive (imho) version

We need both (there's a reason many devices support both ;) -- you might want to advertise a default route without having it, and you might want to advertise it only to some neighbors (customers but not peers)

@ipspace ipspace merged commit bbd378f into dev Mar 22, 2026
12 checks passed
@ipspace ipspace deleted the fix-reserved-check branch March 22, 2026 08:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@jbemmel jbemmel jbemmel approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Enhancement] BGP originate does not allow 0.0.0.0/0 prefix

3 participants

@ipspace @jbemmel