From dc6fdaa27e62c75ac2a1831633ce6637b9d468fc Mon Sep 17 00:00:00 2001 From: Donatas Abraitis Date: Thu, 14 Sep 2023 21:17:07 +0300 Subject: [PATCH] bgpd: Remove private ASNs after we modify the as-path with the route-map If we modify as-path with route-map and prepend with private ASNs, then we advertise a new as-path without stripping private ASNs. Let's fix this, and remove private ASNs despite if they were sent by the origin or prepended locally. Signed-off-by: Donatas Abraitis --- bgpd/bgp_route.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index 227a68ee55..df3397af99 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -2378,9 +2378,6 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi, bgp_otc_egress(peer, attr)) return false; - bgp_peer_remove_private_as(bgp, afi, safi, peer, attr); - bgp_peer_as_override(bgp, afi, safi, peer, attr); - if (filter->advmap.update_type == UPDATE_TYPE_WITHDRAW && filter->advmap.aname && route_map_lookup_by_name(filter->advmap.aname)) { @@ -2453,6 +2450,9 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi, } } + bgp_peer_remove_private_as(bgp, afi, safi, peer, attr); + bgp_peer_as_override(bgp, afi, safi, peer, attr); + /* RFC 8212 to prevent route leaks. * This specification intends to improve this situation by requiring the * explicit configuration of both BGP Import and Export Policies for any -- 2.39.5