You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As part of #4597, I discovered that it is currently possible to add CIDR resources with overlapping IP ranges. We currently use longest_match to select, which resource the user wants to access based on an incoming IP packet.
I don't know if this is intentional or not and I am not sure which resource "wins" here (I think the one that got added first?). I've not been involved in the design decisions here but I think we should disallow overlapping IP ranges.
The text was updated successfully, but these errors were encountered:
thomaseizinger
changed the title
connlib: how to handle overlapping IP ranges?
connlib: how to handle overlapping IP ranges of CIDR resources?
Apr 19, 2024
As part of #4597, I discovered that it is currently possible to add CIDR resources with overlapping IP ranges. We currently use
longest_match
to select, which resource the user wants to access based on an incoming IP packet.I don't know if this is intentional or not and I am not sure which resource "wins" here (I think the one that got added first?). I've not been involved in the design decisions here but I think we should disallow overlapping IP ranges.
The text was updated successfully, but these errors were encountered: