Should this be a valid range?

From: ::%a

To: ::%b

Seems pretty weird, but the current code allows it.

Actually, the current code is even weirder, because zones play into the Less function. So From=::1%b, To=::2%a is valid, but From=::1%b, To=::1%a is not, because b > a.

IPPrefix.Contains also ignores zones. Maybe that's right? Seems like maybe it'd be worth taking a pass over the whole package documenting what happens with zones, and making sure the implementation matches. I'm not sure I have enough networking experience to make those decisions well.

Yeah, we definitely need a policy decision & docs on this.

How about:

• an IPRange is not Valid if the From & To zones don't match
• an IPPrefix does not contain an IP with a different zone
• an IPRange does not contain an IP with a different zone

/cc @danderson @mdlayher

+1 from me, I've been thinking on this and I think the presence of differing zones should be enough to ensure that prefixes/ranges/IPs don't overlap.

The canonical example would be link-local addresses in IPv6 which might be the same on different logical interfaces but do not overlap due to the zones:

[matt@routnerr-2:~]$ ip -6 a s | grep "fe80::" | sort | uniq -c
      1     inet6 fe80::20d:b9ff:fe53:eacc/64 scope link 
      6     inet6 fe80::20d:b9ff:fe53:eacd/64 scope link 
      1     inet6 fe80::/64 scope link 

This got fixed a while back.