From acf31ef73b4a73dad5723105cdde0d589f2a1d4a Mon Sep 17 00:00:00 2001
From: Louis Scalbert <louis.scalbert@6wind.com>
Date: Thu, 5 May 2022 18:06:24 +0200
Subject: [PATCH] bgpd: fix prefix VRF leaking with 'network import-check'
 (5/5)

The following configuration creates an infinite routing leaking loop
because 'rt vpn both' parameters are the same in both VRFs.

> router bgp 5227 vrf r1-cust4
>    no bgp network import-check
>    bgp router-id 192.168.1.1
>    address-family ipv4 unicast
>      network 28.0.0.0/24
>      rd vpn export 10:12
>      rt vpn both 52:100
>      import vpn
>      export vpn
>    exit-address-family
> !
> router bgp 5227 vrf r1-cust5
>    no bgp network import-check
>    bgp router id 192.168.1.1
>    address-family ipv4 unicast
>      network 29.0.0.0/24
>      rd vpn export 10:13
>      rt vpn both 52:100
>      import vpn
>      export vpn
>    exit-address-family

The previous commit has added a routing leak update when a nexthop
update is received from zebra. It indirectly calls
bgp_find_or_add_nexthop() in which a static route triggers a nexthop
cache entry registration that triggers a nexthop update from zebra.

Do not register again the nexthop cache entry if the BGP_STATIC_ROUTE is
already set.

Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
---
 bgpd/bgp_nht.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bgpd/bgp_nht.c b/bgpd/bgp_nht.c
index d7707a8c0c..a192b037ac 100644
--- a/bgpd/bgp_nht.c
+++ b/bgpd/bgp_nht.c
@@ -389,7 +389,7 @@ int bgp_find_or_add_nexthop(struct bgp *bgp_route, struct bgp *bgp_nexthop,
 	if (pi && is_route_parent_evpn(pi))
 		bnc->is_evpn_gwip_nexthop = true;
 
-	if (is_bgp_static_route) {
+	if (is_bgp_static_route && !CHECK_FLAG(bnc->flags, BGP_STATIC_ROUTE)) {
 		SET_FLAG(bnc->flags, BGP_STATIC_ROUTE);
 
 		/* If we're toggling the type, re-register */
@@ -424,8 +424,8 @@ int bgp_find_or_add_nexthop(struct bgp *bgp_route, struct bgp *bgp_nexthop,
 		SET_FLAG(bnc->flags, BGP_NEXTHOP_CONNECTED);
 		UNSET_FLAG(bnc->flags, BGP_NEXTHOP_REGISTERED);
 		UNSET_FLAG(bnc->flags, BGP_NEXTHOP_VALID);
-	} else if (peer && !connected
-		   && CHECK_FLAG(bnc->flags, BGP_NEXTHOP_CONNECTED)) {
+	} else if (peer && !connected &&
+		   CHECK_FLAG(bnc->flags, BGP_NEXTHOP_CONNECTED)) {
 		UNSET_FLAG(bnc->flags, BGP_NEXTHOP_CONNECTED);
 		UNSET_FLAG(bnc->flags, BGP_NEXTHOP_REGISTERED);
 		UNSET_FLAG(bnc->flags, BGP_NEXTHOP_VALID);
-- 
2.39.5