zebra: Dissallow a /32 or /128 through itself - matthieu/frr.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Donald Sharp <sharpd@cumulusnetworks.com>	2019-10-18 10:32:10 -0400
committer	Donald Sharp <sharpd@cumulusnetworks.com>	2019-10-18 10:37:28 -0400
commit	4dcc22761141a9624ec2082077b58c81bfdffc36 (patch)
tree	6196508d95ea92520e81a0e94e81bb3d3e3e763a /lib/command_graph.h
parent	dfd7b62ddd50b267255aa1ae40b31965f9c1e411 (diff)

zebra: Dissallow a /32 or /128 through itself

Do not allow an upper level protocol to send a route to zebra that is a /32 or a /128 that recurses through itself. Current behavior: donna.cumulusnetworks.com# show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued route, r - rejected route K>* 0.0.0.0/0 [0/104] via 10.0.2.2, enp0s3, 01:05:28 C>* 10.0.2.0/24 is directly connected, enp0s3, 00:01:50 C>* 192.168.209.0/24 is directly connected, enp0s8, 01:05:28 C>* 192.168.210.0/24 is directly connected, enp0s9, 01:05:28 D>* 192.168.210.43/32 [150/0] via 192.168.210.44, enp0s9, 01:01:57 D 192.168.210.44/32 [150/0] via 192.168.210.44 inactive, 01:05:15 C>* 192.168.212.0/24 is directly connected, enp0s10, 01:05:28 donna.cumulusnetworks.com# sharp install routes 40.0.0.1 nexthop 192.168.210.44 % Command incomplete: sharp install routes 40.0.0.1 nexthop 192.168.210.44 donna.cumulusnetworks.com# sharp install routes 40.0.0.1 nexthop 192.168.210.44 1 donna.cumulusnetworks.com# end donna.cumulusnetworks.com# show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued route, r - rejected route K>* 0.0.0.0/0 [0/104] via 10.0.2.2, enp0s3, 01:05:51 C>* 10.0.2.0/24 is directly connected, enp0s3, 00:00:12 D>* 40.0.0.1/32 [150/0] via 192.168.210.44, enp0s9, 00:00:03 C>* 192.168.209.0/24 is directly connected, enp0s8, 01:05:51 C>* 192.168.210.0/24 is directly connected, enp0s9, 01:05:51 D>* 192.168.210.43/32 [150/0] via 192.168.210.44, enp0s9, 01:02:20 D 192.168.210.44/32 [150/0] via 192.168.210.44 inactive, 01:05:38 C>* 192.168.212.0/24 is directly connected, enp0s10, 01:05:51 donna.cumulusnetworks.com# Fixed behavior: donna.cumulusnetworks.com# sharp install routes 192.168.210.44 nexthop 192.168.210.44 1 donna.cumulusnetworks.com# show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued route, r - rejected route K>* 0.0.0.0/0 [0/104] via 10.0.2.2, enp0s3, 00:00:15 C>* 10.0.2.0/24 is directly connected, enp0s3, 00:00:15 C>* 192.168.209.0/24 is directly connected, enp0s8, 00:00:15 C>* 192.168.210.0/24 is directly connected, enp0s9, 00:00:15 D 192.168.210.44/32 [150/0] via 192.168.210.44 inactive, 00:00:03 C>* 192.168.212.0/24 is directly connected, enp0s10, 00:00:15 donna.cumulusnetworks.com# sharp install routes 40.0.0.1 nexthop 192.168.210.44 1 donna.cumulusnetworks.com# show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued route, r - rejected route K>* 0.0.0.0/0 [0/104] via 10.0.2.2, enp0s3, 00:00:24 C>* 10.0.2.0/24 is directly connected, enp0s3, 00:00:24 D>* 40.0.0.1/32 [150/0] via 192.168.210.44, enp0s9, 00:00:02 C>* 192.168.209.0/24 is directly connected, enp0s8, 00:00:24 C>* 192.168.210.0/24 is directly connected, enp0s9, 00:00:24 D 192.168.210.44/32 [150/0] via 192.168.210.44 inactive, 00:00:12 C>* 192.168.212.0/24 is directly connected, enp0s10, 00:00:24 donna.cumulusnetworks.com# This behavior came up from discussion around issue #5159. Where OSPF was receiving a route through itself as part of the router link lsa. I currently think that ospf should probably dissallow this in ospf but we should also do the right thing in zebra. If we do not allow this change we can have situations where ordering of routes into zebra suddenly matters. Fixes: #5159 Signed-off-by: Donald Sharp <sharpd@cumulsunetworks.com>

Diffstat (limited to 'lib/command_graph.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: