[Freeipa-devel] [PATCH] 302 Stricter IP network validator in dnszone-add command
Petr Spacek
pspacek at redhat.com
Wed Sep 5 10:22:29 UTC 2012
On 09/05/2012 11:30 AM, Jan Cholasta wrote:
> Dne 5.9.2012 10:04, Martin Kosek napsal(a):
>> We allowed IP addresses without network specification which lead
>> to unexpected results when the zone was being created. We should rather
>> strictly require the prefix/netmask specifying the IP network that
>> the reverse zone should be created for. This is already done in
>> Web UI.
>>
>> A unit test exercising this new validation was added.
>>
>> https://fedorahosted.org/freeipa/ticket/2461
>>
>
> I don't like this much. I would suggest using CheckedIPAddress and not forcing
> the user to enter the prefix length instead.
>
> CheckedIPAddress uses a sensible default prefix length if one is not specified
> (class-based for IPv4, /64 for IPv6) as opposed to IPNetwork (/32 for IPv4,
> /128 for IPv6 - this causes the erroneous reverse zones to be created as
> described in the ticket).
>
Hello,
I don't like automatic netmask guessing. I have met class-based guessing in
Windows (XP?) and I was forced to overwrite default mask all the time ...
IMHO there is no "sensible default prefix" in real world. I sitting on network
with /23 prefix right now. Also, I have never seen 10.x network with /8 prefix.
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list