From 46d792409c4317cf6a603b685a00b680af7bc793 Mon Sep 17 00:00:00 2001 From: Philippe Guibert Date: Wed, 13 Sep 2023 11:36:23 +0200 Subject: [PATCH] bgpd: fix forbiding 'redistribute table' usage on non default instances The 'redistribute table' command can be used by configuration on a non default BGP instance, but this command does not work for multiple reasons: - The route entries configured on a given table are always configured from the default vrf. This constraint prevents from redistributing a prefix from the default vrf to an other non default bgp instance. - The importation of route entries requires 'ip import-table' on vrfs and this command is not available Fix this by preventing from configuring this kind of redistribution on non default bgp instances. Signed-off-by: Philippe Guibert --- bgpd/bgp_vty.c | 54 ++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 48 insertions(+), 6 deletions(-) diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c index f6db3fb365..e76968cdb0 100644 --- a/bgpd/bgp_vty.c +++ b/bgpd/bgp_vty.c @@ -16781,8 +16781,15 @@ DEFUN (bgp_redistribute_ipv4_ospf, if (strncmp(argv[idx_ospf_table]->arg, "o", 1) == 0) protocol = ZEBRA_ROUTE_OSPF; - else + else { + if (bgp->vrf_id != VRF_DEFAULT) { + vty_out(vty, + "%% Only default BGP instance can use '%s'\n", + argv[idx_ospf_table]->arg); + return CMD_WARNING_CONFIG_FAILED; + } protocol = ZEBRA_ROUTE_TABLE; + } bgp_redist_add(bgp, AFI_IP, protocol, instance); return bgp_redistribute_set(bgp, AFI_IP, protocol, instance, false); @@ -16818,8 +16825,15 @@ DEFUN (bgp_redistribute_ipv4_ospf_rmap, if (strncmp(argv[idx_ospf_table]->arg, "o", 1) == 0) protocol = ZEBRA_ROUTE_OSPF; - else + else { + if (bgp->vrf_id != VRF_DEFAULT) { + vty_out(vty, + "%% Only default BGP instance can use '%s'\n", + argv[idx_ospf_table]->arg); + return CMD_WARNING_CONFIG_FAILED; + } protocol = ZEBRA_ROUTE_TABLE; + } instance = strtoul(argv[idx_number]->arg, NULL, 10); red = bgp_redist_add(bgp, AFI_IP, protocol, instance); @@ -16860,8 +16874,15 @@ DEFUN (bgp_redistribute_ipv4_ospf_metric, if (strncmp(argv[idx_ospf_table]->arg, "o", 1) == 0) protocol = ZEBRA_ROUTE_OSPF; - else + else { + if (bgp->vrf_id != VRF_DEFAULT) { + vty_out(vty, + "%% Only default BGP instance can use '%s'\n", + argv[idx_ospf_table]->arg); + return CMD_WARNING_CONFIG_FAILED; + } protocol = ZEBRA_ROUTE_TABLE; + } instance = strtoul(argv[idx_number]->arg, NULL, 10); metric = strtoul(argv[idx_number_2]->arg, NULL, 10); @@ -16909,8 +16930,15 @@ DEFUN (bgp_redistribute_ipv4_ospf_rmap_metric, if (strncmp(argv[idx_ospf_table]->arg, "o", 1) == 0) protocol = ZEBRA_ROUTE_OSPF; - else + else { + if (bgp->vrf_id != VRF_DEFAULT) { + vty_out(vty, + "%% Only default BGP instance can use '%s'\n", + argv[idx_ospf_table]->arg); + return CMD_WARNING_CONFIG_FAILED; + } protocol = ZEBRA_ROUTE_TABLE; + } instance = strtoul(argv[idx_number]->arg, NULL, 10); metric = strtoul(argv[idx_number_2]->arg, NULL, 10); @@ -16963,8 +16991,15 @@ DEFUN (bgp_redistribute_ipv4_ospf_metric_rmap, if (strncmp(argv[idx_ospf_table]->arg, "o", 1) == 0) protocol = ZEBRA_ROUTE_OSPF; - else + else { + if (bgp->vrf_id != VRF_DEFAULT) { + vty_out(vty, + "%% Only default BGP instance can use '%s'\n", + argv[idx_ospf_table]->arg); + return CMD_WARNING_CONFIG_FAILED; + } protocol = ZEBRA_ROUTE_TABLE; + } instance = strtoul(argv[idx_number]->arg, NULL, 10); metric = strtoul(argv[idx_number_2]->arg, NULL, 10); @@ -17011,8 +17046,15 @@ DEFUN (no_bgp_redistribute_ipv4_ospf, if (strncmp(argv[idx_ospf_table]->arg, "o", 1) == 0) protocol = ZEBRA_ROUTE_OSPF; - else + else { + if (bgp->vrf_id != VRF_DEFAULT) { + vty_out(vty, + "%% Only default BGP instance can use '%s'\n", + argv[idx_ospf_table]->arg); + return CMD_WARNING_CONFIG_FAILED; + } protocol = ZEBRA_ROUTE_TABLE; + } instance = strtoul(argv[idx_number]->arg, NULL, 10); bgp_redistribute_unset(bgp, AFI_IP, protocol, instance); -- 2.39.5