fix(api): removing a few more ipv6 guards in api handlers

Continuing to chip away at [IPv6 support](NVIDIA#84) work.

Work thus far has included:
- Moving to `IpNetwork` and `IpAddress` throughout ([NVIDIA#192](NVIDIA#192)).
- Accepting IPv6 site prefixes and network segments. ([NVIDIA#204](NVIDIA#204)).
- Making the IP allocator family-aware ([NVIDIA#217](NVIDIA#217)).
- Making the prefix allocator family-aware ([NVIDIA#237](NVIDIA#237)).

This PR is a little less exciting, and removes a few additional `"if ip.is_ipv6()"` guards at the API layer. With the previous PRs in place to make the backend support dual stack environments, these guards are no longer needed: the downstream code (such as database queries and instance lookups) all work with `IpAddr` and `inet` columns natively.*

*Note: The DPA overlay/underlay guards in `dhcp/discover.rs` are **intentionally kept** here -- DPA will, for the foreseeable future, only support IPv4, because the Algo IP mechanism, and our inference of an underlay IP based on the `giaddr`, is IPv4 only; we don't even know how it will support IPv6 yet.*

Changes here include:
- Removed the IPv6 guard in the address finder `search()` function -- you can search IPv6 addresses for `StaticData`, `ResourcePools`, InstanceAddresses`, `MachineAddresses`, `BmcIp`, `ExploredEndpoint`, `LoopbackIp`, `NetworkSegment`, `RouteServers`, and `DpaAddresses` (even though DPA won't have an IPv6 address). The match on `NetworkSegment` did get small tweak -- it was hard-coded to `/32`, for single interfaces, so now it will do `/32` or `/128`. In practice, and as we get closer with IPv6, I'm not sure what prefix we'll allocate to single interfaces, so the `/128` will probably change here.
- Removed the IPv6 guard from `get_cloud_init_instructions()` -- all of the downstream code from here is dual stack and supports IPv6. BUT, I did leave a note that, even though everything downstream is IPv6-capable, that it doesn't really mean much until we integrate DHCPv6 support to actually hand out IPv6 addresses, which once we do it, things should "just work".
- A small tweak in `admin-cli` tests around parsing IP addresses. Just made it support IPv6.
- Improve how we determine interface prefix lengths -- instead of just hard-coding values for IPv4 or IPv6, I'm seeing if we can get some mileage out of the `IdentifyAddressFamily` trait that we have hanging out, with an `.interface_prefix_len()` function on that. I had also considered an `InterfacePrefix` enum with `InterfacePrefix::Ipv4` and `InterfacePrefix::Ipv6`, but kept going back and forth.

Signed-off-by: Chet Nichols III <chetn@nvidia.com>

Author: chet

crates/admin-cli/src/ip/args.rs

@@ -26,5 +26,5 @@ pub enum Cmd {
 #[derive(Parser, Debug, Clone)]
 pub struct IpFind {
     /// The IP address we are looking to identify
-    pub ip: std::net::Ipv4Addr,
+    pub ip: std::net::IpAddr,
 }

crates/admin-cli/src/ip/tests.rs

@@ -43,7 +43,7 @@ fn verify_cmd_structure() {
 // including testing required arguments, as well as optional
 // flag-specific checking.
 
-// parse_find_with_valid_ip ensures find parses valid
+// parse_find_with_valid_ip ensures find parses a valid
 // IPv4 address.
 #[test]
 fn parse_find_with_valid_ip() {
@@ -84,12 +84,13 @@ fn parse_find_invalid_ip_fails() {
     assert!(result.is_err(), "should fail with invalid IP");
 }
 
-// parse_find_ipv6_fails ensures find fails with IPv6
-// (expects IPv4).
+// parse_find_ipv6 ensures find parses a valid IPv6 address.
 #[test]
-fn parse_find_ipv6_fails() {
-    let result = Cmd::try_parse_from(["ip", "find", "::1"]);
-    assert!(result.is_err(), "should fail with IPv6 address");
+fn parse_find_ipv6() {
+    let cmd = Cmd::try_parse_from(["ip", "find", "::1"]).expect("should parse IPv6 address");
+    match cmd {
+        Cmd::Find(args) => assert_eq!(args.ip.to_string(), "::1"),
+    }
 }
 
 // parse_find_missing_ip_fails ensures find requires

crates/api-db/src/ip_allocator.rs

@@ -20,6 +20,7 @@ use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
 
 use carbide_uuid::instance::InstanceId;
 use carbide_uuid::network::NetworkPrefixId;
+use forge_network::ip::IdentifyAddressFamily;
 use ipnetwork::{IpNetwork, Ipv4Network, Ipv6Network};
 use model::address_selection_strategy::AddressSelectionStrategy;
 use model::network_prefix::NetworkPrefix;
@@ -349,7 +350,10 @@ fn build_allocated_networks(
     if let Some(gateway) = segment_prefix.gateway
         && segment_prefix.prefix.contains(gateway)
     {
-        allocated_ips.push(IpNetwork::new(gateway, max_prefix_len(gateway))?);
+        allocated_ips.push(IpNetwork::new(
+            gateway,
+            gateway.address_family().interface_prefix_len(),
+        )?);
     }
 
     // Next, exclude the first "N" number of addresses in the segment
@@ -363,7 +367,7 @@ fn build_allocated_networks(
         .iter()
         .take(segment_prefix.num_reserved as usize)
     {
-        let next_net = IpNetwork::new(next_ip, max_prefix_len(next_ip))?;
+        let next_net = IpNetwork::new(next_ip, next_ip.address_family().interface_prefix_len())?;
         allocated_ips.push(next_net);
     }
 
@@ -377,10 +381,13 @@ fn build_allocated_networks(
     if should_reserve_network_broadcast {
         let network_addr = segment_prefix.prefix.network();
         let broadcast_addr = segment_prefix.prefix.broadcast();
-        allocated_ips.push(IpNetwork::new(network_addr, max_prefix_len(network_addr))?);
+        allocated_ips.push(IpNetwork::new(
+            network_addr,
+            network_addr.address_family().interface_prefix_len(),
+        )?);
         allocated_ips.push(IpNetwork::new(
             broadcast_addr,
-            max_prefix_len(broadcast_addr),
+            broadcast_addr.address_family().interface_prefix_len(),
         )?);
     }
 
@@ -446,14 +453,6 @@ fn get_network_size(ip_network: &IpNetwork) -> u32 {
     }
 }
 
-/// Returns the maximum prefix length for a single host address (32 for IPv4, 128 for IPv6).
-fn max_prefix_len(ip: IpAddr) -> u8 {
-    match ip {
-        IpAddr::V4(_) => 32,
-        IpAddr::V6(_) => 128,
-    }
-}
-
 // get_network_details computes some details to be
 // used by next_available_prefix, including the
 // base IP for the network segment, the broadcast IP,

crates/api/Cargo.toml

@@ -173,9 +173,7 @@ x509-parser = { features = ["verify"], workspace = true }
 
 [features]
 default = ["linux-build"]
-linux-build = [
-  "tss-esapi",
-]
+linux-build = ["tss-esapi"]
 
 [build-dependencies]
 carbide-version = { path = "../version" }

crates/api/src/handlers/finder.rs

@@ -27,6 +27,7 @@ use carbide_uuid::machine::MachineInterfaceId;
 use carbide_uuid::network::NetworkSegmentId;
 use carbide_uuid::vpc::VpcId;
 use db::{DatabaseError, ObjectColumnFilter, instance, network_segment, vpc};
+use forge_network::ip::IdentifyAddressFamily;
 use model::network_segment::NetworkSegmentSearchConfig;
 use model::resource_pool::ResourcePoolEntryState;
 use model::route_server::RouteServerSourceType;
@@ -201,11 +202,6 @@ async fn search(
     ip: &str,
 ) -> Result<Option<rpc::IpAddressMatch>, CarbideError> {
     let addr: IpAddr = ip.parse()?;
-    if addr.is_ipv6() {
-        return Err(CarbideError::InvalidArgument(
-            "Ipv6 not yet supported".to_string(),
-        ));
-    }
 
     let mut txn = api.txn_begin().await?;
 
@@ -330,7 +326,10 @@ async fn search(
 
         // Network segment that contains this IP address
         NetworkSegment => {
-            let out = db::network_prefix::containing_prefix(&mut txn, &format!("{ip}/32")).await?;
+            let host_prefix = addr.address_family().interface_prefix_len();
+            let out =
+                db::network_prefix::containing_prefix(&mut txn, &format!("{ip}/{host_prefix}"))
+                    .await?;
             out.first().map(|prefix| {
                 let message = format!(
                     "{ip} is in prefix {} of segment {}, gateway {}",

crates/api/src/handlers/pxe.rs

@@ -57,10 +57,14 @@ pub(crate) async fn get_cloud_init_instructions(
     let ip: IpAddr = ip_str
         .parse()
         .map_err(|e| Status::invalid_argument(format!("Failed parsing IP '{ip_str}': {e}")))?;
-    if ip.is_ipv6() {
-        return Err(CarbideError::internal("IPv6 not supported".to_string()).into());
-    }
 
+    // Note that this code path supports IPv6 at the *API layer*, but won't be
+    // able to be exercised until DHCPv6 is working, which is a whole other thing
+    // we need to work on: machines need an IPv6 address before they can request
+    // cloud-init instructions over IPv6, and while we've made changes to site
+    // prefix, network segment, and IP allocators behind the scenes for supporting
+    // dual stacking interfaces, none of that means much until DHCPv6 is working
+    // to actually hand those addresses out.
     let instructions = match db::instance_address::find_by_address(&mut txn, ip).await? {
         None => {
             // assume there is no instance associated with this IP and check if there is an interface associated with it

crates/api/src/network_segment/allocate.rs

@@ -18,6 +18,7 @@ use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
 
 use carbide_uuid::network::NetworkSegmentId;
 use carbide_uuid::vpc::{VpcId, VpcPrefixId};
+use forge_network::ip::IdentifyAddressFamily;
 use ipnetwork::IpNetwork;
 use itertools::Itertools;
 use model::network_prefix::NewNetworkPrefix;
@@ -44,12 +45,6 @@ fn u128_to_ip(val: u128, is_v6: bool) -> IpAddr {
     }
 }
 
-/// max_prefix_bits returns the maximum prefix length for the address
-/// family (32 for IPv4, 128 for IPv6).
-fn max_prefix_bits(prefix: &IpNetwork) -> u32 {
-    if prefix.is_ipv6() { 128 } else { 32 }
-}
-
 /// wrap_to_prefix_start returns `addr` if it falls within the VPC prefix,
 /// otherwise wraps around to the start of the VPC prefix.
 fn wrap_to_prefix_start(addr: IpAddr, vpc_prefix: &IpNetwork) -> IpAddr {
@@ -131,7 +126,7 @@ impl PrefixAllocator {
         last_used_prefix: Option<IpNetwork>,
         prefix: u8,
     ) -> CarbideResult<PrefixAllocator> {
-        let max_bits = max_prefix_bits(&vpc_prefix) as u8;
+        let max_bits = vpc_prefix.address_family().interface_prefix_len();
         if prefix > max_bits {
             return Err(CarbideError::InvalidArgument(format!(
                 "prefix length {prefix} exceeds maximum for address family ({max_bits})"
@@ -253,7 +248,7 @@ impl Iterator for PrefixIterator {
             return Some(IpNetwork::new(ip, self.prefix).unwrap());
         }
 
-        let max_bits = max_prefix_bits(&self.vpc_prefix);
+        let max_bits = self.vpc_prefix.address_family().interface_prefix_len() as u32;
         // Number of host bits in the needed prefix.
         let host_bits: u32 = max_bits - self.prefix as u32;
         // Mask for the network portion of the address.

crates/network/src/ip/address_family.rs

@@ -22,6 +22,17 @@ pub enum IpAddressFamily {
     Ipv6,
 }
 
+impl IpAddressFamily {
+    /// Returns the prefix length for a single interface address in this family
+    /// (32 for IPv4, 128 for IPv6).
+    pub const fn interface_prefix_len(self) -> u8 {
+        match self {
+            IpAddressFamily::Ipv4 => 32,
+            IpAddressFamily::Ipv6 => 128,
+        }
+    }
+}
+
 pub trait IdentifyAddressFamily {
     /// Return the address family for this value.
     fn address_family(&self) -> IpAddressFamily;
@@ -101,4 +112,16 @@ mod tests {
             Err(42)
         )
     }
+
+    #[test]
+    fn test_interface_prefix_len() {
+        assert_eq!(IpAddressFamily::Ipv4.interface_prefix_len(), 32);
+        assert_eq!(IpAddressFamily::Ipv6.interface_prefix_len(), 128);
+
+        // Also test via the IdentifyAddressFamily trait on IpAddr.
+        let v4: IpAddr = "10.0.0.1".parse().unwrap();
+        let v6: IpAddr = "fd00::1".parse().unwrap();
+        assert_eq!(v4.address_family().interface_prefix_len(), 32);
+        assert_eq!(v6.address_family().interface_prefix_len(), 128);
+    }
 }