Skip to content

check if a source NAT IP address is needed before assigning one #12408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
DaanHoogland wants to merge 1 commit into
base: 4.20
Choose a base branch
from
Open

check if a source NAT IP address is needed before assigning one #12408

DaanHoogland wants to merge 1 commit into from
+26 −88

Conversation

@DaanHoogland
Copy link
Contributor

@DaanHoogland DaanHoogland commented Jan 12, 2026

Description

This PR...

Fixes: #10122

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • Build/CI
  • Test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Bug Severity

  • BLOCKER
  • Critical
  • Major
  • Minor
  • Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

@codecov
Copy link

codecov bot commented Jan 12, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 0% with 18 lines in your changes missing coverage. Please review.
✅ Project coverage is 16.24%. Comparing base (ef1aaa0) to head (519b8cf).
⚠️ Report is 9 commits behind head on 4.20.

Files with missing lines Patch % Lines
...n/java/com/cloud/network/IpAddressManagerImpl.java 0.00% 17 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff            @@
##               4.20   #12408   +/-   ##
=========================================
  Coverage     16.23%   16.24%           
  Complexity    13381    13381           
=========================================
  Files          5657     5657           
  Lines        498947   499002   +55     
  Branches      60555    60571   +16     
=========================================
+ Hits          81025    81039   +14     
- Misses       408889   408924   +35     
- Partials       9033     9039    +6
Flag Coverage Δ
uitests 4.03% <ø> (+0.02%) ⬆️
unittests 17.09% <0.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@DaanHoogland
Copy link
Contributor Author

DaanHoogland commented Jan 13, 2026

@blueorangutan package

@blueorangutan
Copy link

blueorangutan commented Jan 13, 2026

@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@blueorangutan
Copy link

blueorangutan commented Jan 13, 2026

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 16344

@DaanHoogland DaanHoogland requested a review from Copilot January 13, 2026 13:02
Copilot AI reviewed Jan 13, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses issue #10122 regarding incorrect IP address labeling as "Source NAT" in Routed VPC networks. The main change introduces logic to check if a network is routed before assigning a source NAT IP address, which prevents unnecessary source NAT IP allocation for routed networks where Source NAT service is not applicable.

Changes:

  • Adds new isRouted() method to determine if a network uses routing mode
  • Updates assignSourceNatIpAddressToGuestNetwork() to conditionally assign source NAT based on routing mode
  • Updates isSourceNatAvailableForNetwork() to treat networks with routing mode as having shared source NAT
  • Includes extensive code cleanup: removes unused imports and fields, applies diamond operators, and simplifies conditional logic

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@DaanHoogland DaanHoogland requested a review from Copilot January 13, 2026 13:21
@weizhouapache
Copy link
Member

weizhouapache commented Jan 13, 2026

@DaanHoogland
as I understand, #10122 is a UI issue.
Does this PR fix other issues ?

@DaanHoogland
Copy link
Contributor Author

DaanHoogland commented Jan 13, 2026

@DaanHoogland as I understand, #10122 is a UI issue. Does this PR fix other issues ?

it is not a pure UI issue. The IP address is marked as source NAT in the DB. I am not sure if this addresses all scenarios yet, but it will prevent marking the primary IP for a ROUTED-mode network as source NAT.

Copilot AI reviewed Jan 13, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 10 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@DaanHoogland DaanHoogland force-pushed the ghi10122-routedModeWithSourceNAT branch from e8cebc6 to 7274c9e Compare January 14, 2026 14:44
@DaanHoogland DaanHoogland requested a review from Copilot January 14, 2026 14:44
Copilot AI reviewed Jan 14, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

server/src/main/java/com/cloud/network/IpAddressManagerImpl.java
Comment on lines +1037 to +1050
private boolean isRouted(Network guestNetwork) {
VpcOffering vpcOffer = null;
NetworkOffering netOffer = _networkOfferingDao.findById(guestNetwork.getNetworkOfferingId());
if (netOffer == null) {
throw new CloudRuntimeException("network without offering found???");
}
if (netOffer.isForVpc() && guestNetwork.getVpcId() != null) {
VpcVO vpc = _vpcDao.findById(guestNetwork.getVpcId());
if (vpc != null) {
vpcOffer = vpcOfferingDao.findById(vpc.getVpcOfferingId());
}
}
return netOffer.getRoutingMode() != null || (vpcOffer != null && vpcOffer.getRoutingMode() != null);
}
Copy link

Copilot AI Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The new isRouted method lacks test coverage. Since the repository has comprehensive test coverage for IpAddressManagerImpl (see IpAddressManagerTest.java), consider adding unit tests to verify:

  1. The method correctly identifies routed networks based on NetworkOffering routing mode
  2. The method correctly identifies routed VPC networks based on VPC offering routing mode
  3. Edge cases like null VPC or null VPC offering are handled properly

Copilot uses AI. Check for mistakes.
@DaanHoogland DaanHoogland force-pushed the ghi10122-routedModeWithSourceNAT branch from 7274c9e to 519b8cf Compare January 14, 2026 15:19
@weizhouapache
Copy link
Member

weizhouapache commented Jan 14, 2026

@DaanHoogland as I understand, #10122 is a UI issue. Does this PR fix other issues ?

it is not a pure UI issue. The IP address is marked as source NAT in the DB. I am not sure if this addresses all scenarios yet, but it will prevent marking the primary IP for a ROUTED-mode network as source NAT.

ok @DaanHoogland
it is becoming a PR with big impact then.

as I understand, what @msinhore wanted is the change of label of public IP. source nat of routed network confuses users, need to change to "external gateway" or so
what ACS saves into database and how it is processed in the service layer are not very important.

@DaanHoogland
Copy link
Contributor Author

DaanHoogland commented Jan 14, 2026

@DaanHoogland as I understand, #10122 is a UI issue. Does this PR fix other issues ?

it is not a pure UI issue. The IP address is marked as source NAT in the DB. I am not sure if this addresses all scenarios yet, but it will prevent marking the primary IP for a ROUTED-mode network as source NAT.

ok @DaanHoogland it is becoming a PR with big impact then.

as I understand, what @msinhore wanted is the change of label of public IP. source nat of routed network confuses users, need to change to "external gateway" or so what ACS saves into database and how it is processed in the service layer are not very important.

isSourceNat is a flag returned to the UI, if we do not change it in the service we have to honour that flag conditionally. Not a very clean solution either and technical debt at the same time. I would suggest we fix it good or not.

@weizhouapache
Copy link
Member

weizhouapache commented Jan 14, 2026

@DaanHoogland as I understand, #10122 is a UI issue. Does this PR fix other issues ?

it is not a pure UI issue. The IP address is marked as source NAT in the DB. I am not sure if this addresses all scenarios yet, but it will prevent marking the primary IP for a ROUTED-mode network as source NAT.

ok @DaanHoogland it is becoming a PR with big impact then.
as I understand, what @msinhore wanted is the change of label of public IP. source nat of routed network confuses users, need to change to "external gateway" or so what ACS saves into database and how it is processed in the service layer are not very important.

isSourceNat is a flag returned to the UI, if we do not change it in the service we have to honour that flag conditionally. Not a very clean solution either and technical debt at the same time. I would suggest we fix it good or not.

ok.
please bear in mind, Routed network requires a public IP for VR, as external gateway IP.
you can set isSourceNat to false in response, but may need to add another flag, for example isGateway which is set to true.

a simple workaround on UI

  • if IP is source nat,
    • if network is Routed, display "external gateway"
    • if not, display "source nat"
  • xxx

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

component:networking

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@DaanHoogland @blueorangutan @weizhouapache