Skip to content

Commit

Permalink
bgpd: fix ipv4-mapped ipv6 on non 6pe
Browse files Browse the repository at this point in the history 
0325116 ("bgpd: fix 6vpe nexthop") enforced sending an IPv4-mapped
IPv6 address as nexthop when the BGP session is on IPv4 and address
family IPv6. This is not always correct. In some cases, sending an
IPv6 global address is valid on an IPv4 session:
- MP-BGP is used and the sending router has an IPv4 and a global IPv6
address on the interface towards the peer.
- nexthop is set by a route-map
- router that is sending the UPDATE is a route-reflector

IPv4-mapped IPv6 nexthop should be limited to the 6PE /6vPE cases where
the prefix is reachable via an IPv4 only MPLS backbone.

Do not replace the global IPv6 address when sending UPDATE if:
- the nexthop is set by a route-map
- a valid global IPv6 address is set on the interface towards the peer.
  The 6PE router is not supposed to have a global IPv6 address set on
  the interface. An IPv6 link-local may be set on it.
- the sending router is a route-reflector

Fixes: 0325116 ("bgpd: fix 6vpe nexthop")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
  • Loading branch information
@louis-6wind
louis-6wind committed Mar 25, 2024
1 parent 6ee9610 commit e6a898a
Showing 1 changed file with 13 additions and 4 deletions.
17 changes: 13 additions & 4 deletions bgpd/bgp_updgrp_packet.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -525,11 +525,20 @@ struct stream *bpacket_reformat_for_peer(struct bpacket *pkt,

if (peer->nexthop.v4.s_addr != INADDR_ANY &&
(IN6_IS_ADDR_UNSPECIFIED(mod_v6nhg) ||
(peer->connection->su.sa.sa_family == AF_INET &&
paf->afi == AFI_IP6))) {
(IN6_IS_ADDR_LINKLOCAL(mod_v6nhg) &&
peer->connection->su.sa.sa_family == AF_INET &&
paf->afi == AFI_IP6 && !route_map_sets_nh &&
!peer_af_flag_check(peer, paf->afi, paf->safi,
PEER_FLAG_NEXTHOP_UNCHANGED) &&
!CHECK_FLAG(vec->flags,
BPKT_ATTRVEC_FLAGS_RMAP_NH_UNCHANGED) &&
!CHECK_FLAG(vec->flags, BPKT_ATTRVEC_FLAGS_REFLECTED)))) {
/* set a IPv4 mapped IPv6 address if no global IPv6
* address is found or if announcing IPv6 prefix
* over an IPv4 BGP session.
* address is found
* or if mod_v6nhg is a Link-Local (because no global was found)
* and the announced IPv6 prefix over an IPv4 BGP session
* and no route-map on nexthop
* and not a route-reflector
*/
ipv4_to_ipv4_mapped_ipv6(mod_v6nhg, peer->nexthop.v4);
gnh_modified = 1;
Expand Down

0 comments on commit e6a898a

Please sign in to comment.