Skip to content

Fix VPC restart with multi-CIDR networks: handle comma-separated CIDR…#12622

Open
jeanvetorello wants to merge 1 commit intoapache:mainfrom
jeanvetorello:fix/vpc-restart-cidr-minimal
Open

Fix VPC restart with multi-CIDR networks: handle comma-separated CIDR…#12622
jeanvetorello wants to merge 1 commit intoapache:mainfrom
jeanvetorello:fix/vpc-restart-cidr-minimal

Conversation

@jeanvetorello
Copy link
Contributor

@jeanvetorello jeanvetorello commented Feb 9, 2026

#12621
… in NetworkVO.equals()

When a network has multiple CIDRs (e.g. '192.168.2.0/24,160.0.0.0/24'), NetworkVO.equals() passes the raw comma-separated string to NetUtils.isNetworkAWithinNetworkB() which expects a single CIDR, causing 'cidr is not formatted correctly' error during VPC restart with cleanup=true.

Extract only the first CIDR value before passing to NetUtils.

Description

This PR...

Types of changes

Bug fix (non-breaking change which fixes an issue)

Bug Severity

  • Major

Screenshots (if appropriate):

How Has This Been Tested?

  • Reproduced the issue on a CloudStack 4.21.0.0 environment with two public IP ranges
    on different VLANs assigned to the same VPC
  • Applied the fix and confirmed VPC restart with cleanup=true completes successfully
  • Verified unit tests pass for NetworkVO.equals() with both single and comma-separated CIDRs

How did you try to break this feature and the system with this change?

Fix VPC restart with multi-CIDR networks: handle comma-separated CIDR…
acf2228 
… in NetworkVO.equals()

When a network has multiple CIDRs (e.g. '192.168.2.0/24,160.0.0.0/24'),
NetworkVO.equals() passes the raw comma-separated string to
NetUtils.isNetworkAWithinNetworkB() which expects a single CIDR,
causing 'cidr is not formatted correctly' error during VPC restart
with cleanup=true.

Extract only the first CIDR value before passing to NetUtils.
@sureshanaparti
Copy link
Contributor

sureshanaparti commented Feb 10, 2026

@blueorangutan package

@sureshanaparti
Copy link
Contributor

sureshanaparti commented Feb 10, 2026

@blueorangutan package

@codecov
Copy link

codecov bot commented Feb 10, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 0% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 17.90%. Comparing base (d3e1976) to head (acf2228).

Files with missing lines Patch % Lines
...src/main/java/com/cloud/network/dao/NetworkVO.java 0.00% 3 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff            @@
##               main   #12622   +/-   ##
=========================================
  Coverage     17.90%   17.90%           
+ Complexity    16094    16093    -1     
=========================================
  Files          5938     5938           
  Lines        532864   532866    +2     
  Branches      65192    65192           
=========================================
+ Hits          95392    95395    +3     
  Misses       426793   426793           
+ Partials      10679    10678    -1
Flag Coverage Δ
uitests 3.67% <ø> (ø)
unittests 19.00% <0.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@sureshanaparti
Copy link
Contributor

sureshanaparti commented Feb 10, 2026

@blueorangutan package

Copilot AI reviewed Feb 10, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes VPC restart failures for multi-CIDR networks by ensuring NetworkVO.equals() does not pass a raw comma-separated CIDR list into NetUtils.isNetworkAWithinNetworkB(), which expects a single CIDR.

Changes:

  • Normalize cidr values in NetworkVO.equals() by extracting the first CIDR from comma-separated strings before comparing.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

engine/schema/src/main/java/com/cloud/network/dao/NetworkVO.java
Comment on lines +603 to +605
return NetUtils.isNetworkAWithinNetworkB(
com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(cidr),
com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(that.cidr));
Copy link

Copilot AI Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

equals is using NetUtils.isNetworkAWithinNetworkB(...), which is not symmetric (A within B does not imply B within A). That means NetworkVO.equals can violate the Java equals contract, and it is also inconsistent with hashCode() (which is based only on id). Consider switching equals/hashCode to be id-based like other VOs, or (if CIDR-based equality is truly intended) make the comparison symmetric and update hashCode accordingly (e.g., based on the same normalized CIDR(s) and trafficType).

Copilot uses AI. Check for mistakes.
engine/schema/src/main/java/com/cloud/network/dao/NetworkVO.java
Comment on lines +603 to +605
return NetUtils.isNetworkAWithinNetworkB(
com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(cidr),
com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(that.cidr));
Copy link

Copilot AI Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor maintainability: getFirstValueFromCommaSeparatedString(...) is computed twice inline. Assign the normalized CIDRs to local variables before calling isNetworkAWithinNetworkB to avoid repeated splitting/trimming and make debugging/logging easier.

Suggested change
return NetUtils.isNetworkAWithinNetworkB(
com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(cidr),
com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(that.cidr));
final String normalizedCidr = com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(cidr);
final String normalizedThatCidr = com.cloud.utils.StringUtils.getFirstValueFromCommaSeparatedString(that.cidr);
return NetUtils.isNetworkAWithinNetworkB(normalizedCidr, normalizedThatCidr);

Copilot uses AI. Check for mistakes.
@DaanHoogland
Copy link
Contributor

DaanHoogland commented Feb 10, 2026

@blueorangutan package

@blueorangutan
Copy link

blueorangutan commented Feb 10, 2026

@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with no SystemVM templates. I'll keep you posted as I make progress.

@blueorangutan
Copy link

blueorangutan commented Feb 10, 2026

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✖️ debian ✔️ suse15. SL-JID 16776

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@weizhouapache weizhouapache Awaiting requested review from weizhouapache

Assignees

No one assigned

Labels

component:networking

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jeanvetorello @sureshanaparti @DaanHoogland @blueorangutan