bgpd: Fix the condition whether nexthop is changed

Given that the following topology, route server MUST not modify NEXT_HOP
attribute because route server isn't in the actual routing path. This
behavior is required to comply RFC7947

(Router A) <-(eBGP peer)-> (Route Server) <-(eBGP peer)-> (Router B)

RFC7947 says as follows:

> As the route server does not participate in the actual routing of
> traffic, the NEXT_HOP attribute MUST be passed unmodified to the route
> server clients, similar to the "third-party" next-hop
> feature described in Section 5.1.3. of [RFC4271].

However, current FRR is violating RFC7947 in some cases. If routers and
route server established BGP peer over IPv6 connection and routers
advertise ipv4-vpn routes through route server, route server will modify
NEXT_HOP attribute in these advertisements.

This is because the condition to check whether NEXT_HOP attribute should
be changed or not is wrong. We should use (afi, safi) as the key to
check, but (nhafi, safi) is actually used. This causes the RFC7947
violation.

Signed-off-by: Ryoga Saito <ryoga.saito@linecorp.com>
(cherry picked from commit 5b786189bc60b07c62569a324754b4b49fe61f8e)

diff --git a/bgpd/bgp_updgrp_packet.c b/bgpd/bgp_updgrp_packet.c
index 88a81f255de86d0afbf982f1f606a8ebc6e9a7cb..344aea16f50d1556594eb3992d9d063e80f4dc23 100644 (file)
--- a/bgpd/bgp_updgrp_packet.c
+++ b/bgpd/bgp_updgrp_packet.c
@@ -527,7 +527,7 @@ struct stream *bpacket_reformat_for_peer(struct bpacket *pkt,
                           && !CHECK_FLAG(vec->flags,
                                          BPKT_ATTRVEC_FLAGS_RMAP_NH_UNCHANGED)
                           && !peer_af_flag_check(
-                                  peer, nhafi, paf->safi,
+                                  peer, paf->afi, paf->safi,
                                   PEER_FLAG_NEXTHOP_UNCHANGED)) {
                        /* NOTE: not handling case where NH has new AFI
                         */