diff options
| author | Philippe Guibert <philippe.guibert@6wind.com> | 2023-09-01 17:14:06 +0200 |
|---|---|---|
| committer | Philippe Guibert <philippe.guibert@6wind.com> | 2023-10-18 09:41:02 +0200 |
| commit | d162d5f6f538e60385290fddf8ed256d2e15f628 (patch) | |
| tree | 3e3cf1151c8f207c2ac662d99d969140b73ee4b8 /zebra/label_manager.c | |
| parent | 1c199f219de476e528a7649404267f33206a7e94 (diff) | |
bgpd: fix hardset l3vpn label available in mpls pool
Today, when configuring BGP L3VPN mpls, the operator may
use that command to hardset a label value:
> router bgp 65500 vrf vrf1
> address-family ipv4 unicast
> label vpn export <hardset_label_value>
Today, BGP uses this value without checks, leading to potential
conflicts with other control planes like LDP. For instance, if
LDP initiates with a label chunk of [16;72] and BGP also uses the
50 label value, a conflict arises.
The 'label manager' service in zebra oversees label allocations.
While all the control plane daemons use it, BGP doesn't when a
hardset label is in place.
This update fixes this problem. Now, when a hardset label is set for
l3vpn export, a request is made to the label manager for approval,
ensuring no conflicts with other daemons. But, this means some existing
BGP configurations might become non-operational if they conflict with
labels already allocated to another daemon but not used.
note: Labels below 16 are reserved and won't be checked for consistency
by the label manager.
Fixes: ddb5b4880ba8 ("bgpd: vpn-vrf route leaking")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Diffstat (limited to 'zebra/label_manager.c')
0 files changed, 0 insertions, 0 deletions