Only check if route overlaps routes with scope: LINK

Signed-off-by: Alex Nordlund <alexander.nordlund@nasdaq.com>
moby · Aug 25, 2021 · ee9e526 · ee9e526
1 parent 42d2048
commit ee9e526
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 2 deletions.
diff --git a/libnetwork/netutils/utils_linux.go b/libnetwork/netutils/utils_linux.go
@@ -31,7 +31,7 @@ func CheckRouteOverlaps(toCheck *net.IPNet) error {
 		return err
 	}
 	for _, network := range networks {
-		if network.Dst != nil && NetworkOverlaps(toCheck, network.Dst) {
+		if network.Dst != nil && network.Scope == netlink.SCOPE_LINK && NetworkOverlaps(toCheck, network.Dst) {
 			return ErrNetworkOverlaps
 		}
 	}

diff --git a/libnetwork/netutils/utils_linux_test.go b/libnetwork/netutils/utils_linux_test.go
@@ -46,8 +46,11 @@ func TestCheckRouteOverlaps(t *testing.T) {
 		routes := []netlink.Route{}
 		for _, addr := range routesData {
 			_, netX, _ := net.ParseCIDR(addr)
-			routes = append(routes, netlink.Route{Dst: netX})
+			routes = append(routes, netlink.Route{Dst: netX, Scope: netlink.SCOPE_LINK})
 		}
+		// Add a route with a scope which should not overlap
+		_, netX, _ := net.ParseCIDR("10.0.5.0/24")
+		routes = append(routes, netlink.Route{Dst: netX, Scope: netlink.SCOPE_UNIVERSE})
 		return routes, nil
 	}
 	defer func() { networkGetRoutesFct = nil }()
@@ -61,6 +64,11 @@ func TestCheckRouteOverlaps(t *testing.T) {
 	if err := CheckRouteOverlaps(netX); err == nil {
 		t.Fatal("10.0.2.0/24 and 10.0.2.0 should overlap but it doesn't")
 	}
+
+	_, netX, _ = net.ParseCIDR("10.0.5.0/24")
+	if err := CheckRouteOverlaps(netX); err != nil {
+		t.Fatal("10.0.5.0/24 and 10.0.5.0 with scope UNIVERSE should not overlap but it does")
+	}
 }
 
 func TestCheckNameserverOverlaps(t *testing.T) {