From 824065c401fd3e4454f0183df14570a16452cb21 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Thu, 11 Feb 2021 09:54:34 -0500 Subject: [PATCH] bgpd: Blackhole nexthops are not reachable When bgp registers for a nexthop that is not reachable due to the nexthop pointing to a blackhole, bgp is never going to be able to reach it when attempting to open a connection. Broken behavior: 192.168.161.204 valid [IGP metric 0], #paths 0, peer 192.168.161.204 blackhole Last update: Thu Feb 11 09:46:10 2021 eva# show bgp ipv4 uni summ fail BGP router identifier 10.10.3.11, local AS number 3235 vrf-id 0 BGP table version 40 RIB entries 78, using 14 KiB of memory Peers 2, using 54 KiB of memory Neighbor EstdCnt DropCnt ResetTime Reason 192.168.161.204 0 0 never Waiting for peer OPEN The log file fills up with this type of message: 2021-02-09T18:53:11.653433+00:00 nq-sjc6c-cor-01 bgpd[6548]: can't connect to 24.51.27.241 fd 26 : Invalid argument 2021-02-09T18:53:21.654005+00:00 nq-sjc6c-cor-01 bgpd[6548]: can't connect to 24.51.27.241 fd 26 : Invalid argument 2021-02-09T18:53:31.654381+00:00 nq-sjc6c-cor-01 bgpd[6548]: can't connect to 24.51.27.241 fd 26 : Invalid argument 2021-02-09T18:53:41.654729+00:00 nq-sjc6c-cor-01 bgpd[6548]: can't connect to 24.51.27.241 fd 26 : Invalid argument 2021-02-09T18:53:51.655147+00:00 nq-sjc6c-cor-01 bgpd[6548]: can't connect to 24.51.27.241 fd 26 : Invalid argument As that the connect to a blackhole is correctly rejected by the kernel Fixed behavior: eva# show bgp ipv4 uni summ BGP router identifier 10.10.3.11, local AS number 3235 vrf-id 0 BGP table version 40 RIB entries 78, using 14 KiB of memory Peers 2, using 54 KiB of memory Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc annie(192.168.161.2) 4 64539 126264 39 0 0 0 00:01:36 38 40 N/A 192.168.161.178 4 0 0 0 0 0 0 never Active 0 N/A Total number of neighbors 2 eva# show bgp ipv4 uni summ fail BGP router identifier 10.10.3.11, local AS number 3235 vrf-id 0 BGP table version 40 RIB entries 78, using 14 KiB of memory Peers 2, using 54 KiB of memory Neighbor EstdCnt DropCnt ResetTime Reason 192.168.161.178 0 0 never Waiting for NHT Total number of neighbors 2 eva# show bgp nexthop Current BGP nexthop cache: 192.168.161.2 valid [IGP metric 0], #paths 38, peer 192.168.161.2 if enp39s0 Last update: Thu Feb 11 09:52:05 2021 192.168.161.131 valid [IGP metric 0], #paths 0, peer 192.168.161.131 if enp39s0 Last update: Thu Feb 11 09:52:05 2021 192.168.161.178 invalid, #paths 0, peer 192.168.161.178 Must be Connected Last update: Thu Feb 11 09:53:37 2021 eva# Signed-off-by: Donald Sharp --- bgpd/bgp_nht.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/bgpd/bgp_nht.c b/bgpd/bgp_nht.c index bc5da0ee21..5e31c3d86f 100644 --- a/bgpd/bgp_nht.c +++ b/bgpd/bgp_nht.c @@ -843,9 +843,17 @@ static void evaluate_paths(struct bgp_nexthop_cache *bnc) if (peer) { int valid_nexthops = bgp_isvalid_nexthop(bnc); - if (valid_nexthops) - peer->last_reset = PEER_DOWN_WAITING_OPEN; - else + if (valid_nexthops) { + /* + * Peering cannot occur across a blackhole nexthop + */ + if (bnc->nexthop_num == 1 + && bnc->nexthop->type == NEXTHOP_TYPE_BLACKHOLE) { + peer->last_reset = PEER_DOWN_WAITING_NHT; + valid_nexthops = 0; + } else + peer->last_reset = PEER_DOWN_WAITING_OPEN; + } else peer->last_reset = PEER_DOWN_WAITING_NHT; if (!CHECK_FLAG(bnc->flags, BGP_NEXTHOP_PEER_NOTIFIED)) { -- 2.39.5