Include loopback IP addresses in martian NEXTHOP check

diff --git a/bgpd/bgp_nexthop.c b/bgpd/bgp_nexthop.c
index 7f516379bfa35341a3e532892208d2e7c3bed921..40b719fe31ec851e03cc7d1a75878fe08f1da5cf 100644 (file)
--- a/bgpd/bgp_nexthop.c
+++ b/bgpd/bgp_nexthop.c
@@ -92,45 +92,6 @@ bnc_free (struct bgp_nexthop_cache *bnc)
   XFREE (MTYPE_BGP_NEXTHOP_CACHE, bnc);
 }
 
-/* If nexthop exists on connected network return 1. */
-int
-bgp_nexthop_onlink (afi_t afi, struct attr *attr)
-{
-  struct bgp_node *rn;
-  
-  /* Lookup the address is onlink or not. */
-  if (afi == AFI_IP)
-    {
-      rn = bgp_node_match_ipv4 (bgp_connected_table[AFI_IP], &attr->nexthop);
-      if (rn)
-       {
-         bgp_unlock_node (rn);
-         return 1;
-       }
-    }
-#ifdef HAVE_IPV6
-  else if (afi == AFI_IP6)
-    {
-      if (attr->extra->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
-       return 1;
-      else if (attr->extra->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL)
-       {
-         if (IN6_IS_ADDR_LINKLOCAL (&attr->extra->mp_nexthop_global))
-           return 1;
-
-         rn = bgp_node_match_ipv6 (bgp_connected_table[AFI_IP6],
-                                     &attr->extra->mp_nexthop_global);
-         if (rn)
-           {
-             bgp_unlock_node (rn);
-             return 1;
-           }
-       }
-    }
-#endif /* HAVE_IPV6 */
-  return 0;
-}
-
 /* Reset and free all BGP nexthop cache. */
 static void
 bgp_nexthop_cache_reset (struct bgp_table *table)
@@ -241,18 +202,9 @@ bgp_connected_add (struct connected *ifc)
 {
   struct prefix p;
   struct prefix *addr;
-  struct interface *ifp;
   struct bgp_node *rn;
   struct bgp_connected_ref *bc;
 
-  ifp = ifc->ifp;
-
-  if (! ifp)
-    return;
-
-  if (if_is_loopback (ifp))
-    return;
-
   addr = ifc->address;
 
   if (addr->family == AF_INET)
@@ -311,15 +263,9 @@ bgp_connected_delete (struct connected *ifc)
 {
   struct prefix p;
   struct prefix *addr;
-  struct interface *ifp;
   struct bgp_node *rn;
   struct bgp_connected_ref *bc;
 
-  ifp = ifc->ifp;
-
-  if (if_is_loopback (ifp))
-    return;
-
   addr = ifc->address;
 
   if (addr->family == AF_INET)

diff --git a/bgpd/bgp_nexthop.h b/bgpd/bgp_nexthop.h
index ffa726dad4dc8b6f9347586829137d58b4440671..5485bb2c133f19ca66d443d207ab5c89a747c272 100644 (file)
--- a/bgpd/bgp_nexthop.h
+++ b/bgpd/bgp_nexthop.h
@@ -63,7 +63,6 @@ extern void bgp_connected_add (struct connected *c);
 extern void bgp_connected_delete (struct connected *c);
 extern int bgp_multiaccess_check_v4 (struct in_addr, struct peer *);
 extern int bgp_config_write_scan_time (struct vty *);
-extern int bgp_nexthop_onlink (afi_t, struct attr *);
 extern int bgp_nexthop_self (struct attr *);
 extern void bgp_address_init (void);
 extern struct bgp_nexthop_cache *bnc_new(void);

diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
index 1a8fb3562bab2d2e1da0d00dc8ebf9ebb8fccbd3..530009d62d5349b2d33eb85fa6f1d569ac1486b7 100644 (file)
--- a/bgpd/bgp_route.c
+++ b/bgpd/bgp_route.c
@@ -2711,16 +2711,22 @@ bgp_update_main (struct peer *peer, struct prefix *p, u_int32_t addpath_id,
   /* IPv4 unicast next hop check.  */
   if (afi == AFI_IP && safi == SAFI_UNICAST)
     {
-      /* Next hop must not be 0.0.0.0 nor Class D/E address. Next hop
-        must not be my own address.  */
+      /* Next hop must not be 0.0.0.0 nor Class D/E address. */
       if (new_attr.nexthop.s_addr == 0
-         || IPV4_CLASS_DE (ntohl (new_attr.nexthop.s_addr))
-         || bgp_nexthop_self (&new_attr))
+         || IPV4_CLASS_DE (ntohl (new_attr.nexthop.s_addr)))
        {
          reason = "martian next-hop;";
          bgp_attr_flush (&new_attr);
          goto filtered;
        }
+
+      /* Next hop must not be my own address.  */
+      if (bgp_nexthop_self (&new_attr))
+       {
+         reason = "local IP next-hop;";
+         bgp_attr_flush (&new_attr);
+         goto filtered;
+       }
     }
 
   attr_new = bgp_attr_intern (&new_attr);