oxidecomputer · bnaecker · Mar 26, 2026 · Mar 25, 2026 · Mar 26, 2026 · Mar 26, 2026
diff --git a/common/src/api/internal/shared/external_ip/mod.rs b/common/src/api/internal/shared/external_ip/mod.rs
diff --git a/common/src/api/internal/shared/external_ip/v1.rs b/common/src/api/internal/shared/external_ip/v1.rs
@@ -7,6 +7,8 @@
 use super::SourceNatConfigError;
 use crate::address::NUM_SOURCE_NAT_PORTS;
 use daft::Diffable;
+use itertools::Either;
+use itertools::Itertools as _;
 use schemars::JsonSchema;
 use serde::Deserialize;
 use serde::Serialize;
@@ -107,3 +109,225 @@ impl SourceNatConfig {
         self.port_range().into_inner()
     }
 }
+
+/// A single- or dual-stack external IP configuration.
+// This is version 1 of `ExternalIpConfig`, kept for compatibility with
+// older versions of the sled-agent API which used this format. New code
+// should use `ExternalIpConfig` from the parent module.
+#[derive(Clone, Debug, Deserialize, JsonSchema, PartialEq, Serialize)]
+#[serde(rename_all = "snake_case", tag = "type", content = "value")]
+pub enum ExternalIpConfig {
+    /// Single-stack IPv4 external IP configuration.
+    V4(super::ExternalIpv4Config),
+    /// Single-stack IPv6 external IP configuration.
+    V6(super::ExternalIpv6Config),
+    /// Both IPv4 and IPv6 external IP configuration.
+    DualStack { v4: super::ExternalIpv4Config, v6: super::ExternalIpv6Config },
+}
+
+impl From<super::ExternalIpv4Config> for ExternalIpConfig {
+    fn from(cfg: super::ExternalIpv4Config) -> Self {
+        Self::V4(cfg)
+    }
+}
+
+impl From<super::ExternalIpv6Config> for ExternalIpConfig {
+    fn from(cfg: super::ExternalIpv6Config) -> Self {
+        Self::V6(cfg)
+    }
+}
+
+impl ExternalIpConfig {
+    /// Return the IPv4 configuration, if it exists.
+    pub fn ipv4_config(&self) -> Option<&super::ExternalIpv4Config> {
+        match self {
+            ExternalIpConfig::V4(v4)
+            | ExternalIpConfig::DualStack { v4, .. } => Some(v4),
+            ExternalIpConfig::V6(_) => None,
+        }
+    }
+
+    /// Return a mutable reference to the IPv4 configuration, if it exists.
+    pub fn ipv4_config_mut(
+        &mut self,
+    ) -> Option<&mut super::ExternalIpv4Config> {
+        match self {
+            ExternalIpConfig::V4(v4)
+            | ExternalIpConfig::DualStack { v4, .. } => Some(v4),
+            ExternalIpConfig::V6(_) => None,
+        }
+    }
+
+    /// Return the IPv6 configuration, if it exists.
+    pub fn ipv6_config(&self) -> Option<&super::ExternalIpv6Config> {
+        match self {
+            ExternalIpConfig::V6(v6)
+            | ExternalIpConfig::DualStack { v6, .. } => Some(v6),
+            ExternalIpConfig::V4(_) => None,
+        }
+    }
+
+    /// Return a mutable reference to the IPv6 configuration, if it exists.
+    pub fn ipv6_config_mut(
+        &mut self,
+    ) -> Option<&mut super::ExternalIpv6Config> {
+        match self {
+            ExternalIpConfig::V6(v6)
+            | ExternalIpConfig::DualStack { v6, .. } => Some(v6),
+            ExternalIpConfig::V4(_) => None,
+        }
+    }
+
+    /// Attempt to convert from generic IP addressing information.
+    ///
+    /// This is used to convert older API versions which used version-agnostic
+    /// IP address types (`IpAddr`) rather than concrete `Ipv4Addr`/`Ipv6Addr`.
+    ///
+    /// Returns an error if there are no addresses at all, or if there are
+    /// mixed IP versions.
+    pub fn try_from_generic(
+        source_nat: Option<SourceNatConfig>,
+        ephemeral_ip: Option<IpAddr>,
+        floating_ips: Vec<IpAddr>,
+    ) -> Result<Self, ExternalIpsError> {
+        let snat_v4;
+        let snat_v6;
+        match source_nat {
+            Some(snat) => {
+                let (first_port, last_port) = snat.port_range_raw();
+                match snat.ip {
+                    IpAddr::V4(ipv4) => {
+                        snat_v6 = None;
+                        snat_v4 = Some(super::SourceNatConfig::new(
+                            ipv4, first_port, last_port,
+                        )?);
+                    }
+                    IpAddr::V6(ipv6) => {
+                        snat_v6 = Some(super::SourceNatConfig::new(
+                            ipv6, first_port, last_port,
+                        )?);
+                        snat_v4 = None;
+                    }
+                }
+            }
+            None => {
+                snat_v4 = None;
+                snat_v6 = None;
+            }
+        };
+
+        let (fips_v4, fips_v6): (Vec<_>, Vec<_>) =
+            floating_ips.into_iter().partition_map(|fip| match fip {
+                IpAddr::V4(v4) => Either::Left(v4),
+                IpAddr::V6(v6) => Either::Right(v6),
+            });
+
+        match (snat_v4, snat_v6, ephemeral_ip) {
+            (None, None, None) => {
+                match (fips_v4.is_empty(), fips_v6.is_empty()) {
+                    (true, true) => Err(ExternalIpsError::NoIps),
+                    (true, false) => Ok(super::ExternalIps {
+                        source_nat: None,
+                        ephemeral_ip: None,
+                        floating_ips: fips_v6,
+                    }
+                    .into()),
+                    (false, true) => Ok(super::ExternalIps {
+                        source_nat: None,
+                        ephemeral_ip: None,
+                        floating_ips: fips_v4,
+                    }
+                    .into()),
+                    (false, false) => Err(ExternalIpsError::MixedIpVersions),
+                }
+            }
+            (None, None, Some(IpAddr::V4(v4))) => {
+                if !fips_v6.is_empty() {
+                    return Err(ExternalIpsError::MixedIpVersions);
+                }
+                Ok(super::ExternalIps {
+                    source_nat: None,
+                    ephemeral_ip: Some(v4),
+                    floating_ips: fips_v4,
+                }
+                .into())
+            }
+            (None, None, Some(IpAddr::V6(v6))) => {
+                if !fips_v4.is_empty() {
+                    return Err(ExternalIpsError::MixedIpVersions);
+                }
+                Ok(super::ExternalIps {
+                    source_nat: None,
+                    ephemeral_ip: Some(v6),
+                    floating_ips: fips_v6,
+                }
+                .into())
+            }
+            (None, Some(snat_v6), None) => {
+                if !fips_v4.is_empty() {
+                    return Err(ExternalIpsError::MixedIpVersions);
+                }
+                Ok(super::ExternalIps {
+                    source_nat: Some(snat_v6),
+                    ephemeral_ip: None,
+                    floating_ips: fips_v6,
+                }
+                .into())
+            }
+            (None, Some(snat_v6), Some(IpAddr::V6(eip_v6))) => {
+                if !fips_v4.is_empty() {
+                    return Err(ExternalIpsError::MixedIpVersions);
+                }
+                Ok(super::ExternalIps {
+                    source_nat: Some(snat_v6),
+                    ephemeral_ip: Some(eip_v6),
+                    floating_ips: fips_v6,
+                }
+                .into())
+            }
+            (Some(snat_v4), None, None) => {
+                if !fips_v6.is_empty() {
+                    return Err(ExternalIpsError::MixedIpVersions);
+                }
+                Ok(super::ExternalIps {
+                    source_nat: Some(snat_v4),
+                    ephemeral_ip: None,
+                    floating_ips: fips_v4,
+                }
+                .into())
+            }
+            (Some(snat_v4), None, Some(IpAddr::V4(eip_v4))) => {
+                if !fips_v6.is_empty() {
+                    return Err(ExternalIpsError::MixedIpVersions);
+                }
+                Ok(super::ExternalIps {
+                    source_nat: Some(snat_v4),
+                    ephemeral_ip: Some(eip_v4),
+                    floating_ips: fips_v4,
+                }
+                .into())
+            }
+            (Some(_), None, Some(IpAddr::V6(_)))
+            | (None, Some(_), Some(IpAddr::V4(_))) => {
+                Err(ExternalIpsError::MixedIpVersions)
+            }
+            (Some(_), Some(_), None) | (Some(_), Some(_), Some(_)) => {
+                Err(ExternalIpsError::MixedIpVersions)
+            }
+        }
+    }
+}
+
+#[derive(Debug, thiserror::Error)]
+pub enum ExternalIpsError {
+    #[error(
+        "Must specify at least one SNAT, ephemeral, or floating IP address"
+    )]
+    NoIps,
+    #[error(
+        "SNAT, ephemeral, and floating IPs must all be of the same IP version"
+    )]
+    MixedIpVersions,
+    #[error(transparent)]
+    SourceNat(#[from] super::SourceNatConfigError),
+}
diff --git a/common/src/api/internal/shared/mod.rs b/common/src/api/internal/shared/mod.rs
@@ -39,7 +39,6 @@ pub use network_interface::*;
 
 // Re-export latest version of the external IP types.
 pub use external_ip::ExternalIpConfig;
-pub use external_ip::ExternalIpConfigBuilder;
 pub use external_ip::ExternalIps;
 pub use external_ip::ExternalIpv4Config;
 pub use external_ip::ExternalIpv6Config;