From d52439def9cff58c9f397e7505e58247d088110f Mon Sep 17 00:00:00 2001
From: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Date: Tue, 15 Oct 2024 13:34:50 +0200
Subject: [PATCH 1/2] tests/network-bridge-firewall: add IPv6 CIDR size checks
 test

Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
---
 tests/network-bridge-firewall | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/tests/network-bridge-firewall b/tests/network-bridge-firewall
index 7f3cffa63..2426f46e6 100755
--- a/tests/network-bridge-firewall
+++ b/tests/network-bridge-firewall
@@ -18,6 +18,19 @@ lxc network create lxdbr0 \
     ipv4.address=192.0.2.1/24 \
     ipv6.address=2001:db8::1/64 \
     ipv4.dhcp.ranges=192.0.2.2-192.0.2.199
+
+if hasNeededAPIExtension warnings; then
+    echo "=> Ensure that IPv6 CIDR size checks in LXD are correct"
+    # Check that we produce a warning if user sets a prefix larger than /64
+    lxc network set lxdbr0 ipv6.address=2001:db8::1/48
+    lxc warning list | grep "IPv6 networks with a prefix larger than 64"
+    # Check that there is no warning if user sets prefix smaller than /64
+    lxc network set lxdbr0 ipv6.address=2001:db8::1/65
+    ! lxc warning list | grep "IPv6 networks with a prefix larger than 64" || false
+    # set a right subnet for the test
+    lxc network set lxdbr0 ipv6.address=2001:db8::1/64
+fi
+
 lxc profile device add default root disk path=/ pool=default
 
 echo "=> Setting up firewall tooling and checking versions"

From 5668a132fb87b5c0d8d91630e8cb1a0d88e3d36f Mon Sep 17 00:00:00 2001
From: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Date: Tue, 15 Oct 2024 13:35:23 +0200
Subject: [PATCH 2/2] tests/network-ovn: add IPv6 CIDR size checks test

Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
---
 tests/network-ovn | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/tests/network-ovn b/tests/network-ovn
index 5877cc4fe..12e1a6e7d 100755
--- a/tests/network-ovn
+++ b/tests/network-ovn
@@ -186,6 +186,14 @@ ovn_basic_tests() {
         ipv4.nat=false \
         ipv6.nat=false
 
+    echo "===> Ensure that IPv6 CIDR size checks in LXD are correct"
+    # Check that user can set prefix larger than /64
+    lxc network set ovn-virtual-network ipv6.address=2001:db8:1:2::1/48
+    # Check that user can't set prefix smaller than /64
+    ! lxc network set ovn-virtual-network ipv6.address=2001:db8:1:2::1/65 || false
+    # set a right subnet for the test
+    lxc network set ovn-virtual-network ipv6.address=2001:db8:1:2::1/64
+
     echo "==> Check network external subnet overlap is prevented"
     ! lxc network create ovn-virtual-network2 --type=ovn --project default network=dummy \
         ipv4.address=198.51.100.1/26 \
@@ -193,6 +201,7 @@ ovn_basic_tests() {
 
     ! lxc network create ovn-virtual-network2 --type=ovn --project default network=dummy \
         ipv6.address=2001:db8:1:2::1/122 \
+        ipv6.dhcp.stateful=true \
         ipv6.nat=false || false
 
     # Check uplink dns.nameservers changes are applied to dependent OVN networks.
@@ -208,6 +217,7 @@ ovn_basic_tests() {
         ipv4.address=198.51.100.1/26 \
         ipv4.nat=false \
         ipv6.address=2001:db8:1:2::1/122 \
+        ipv6.dhcp.stateful=true \
         ipv6.nat=false
 
     lxc network delete ovn-virtual-network2 --project default