ovn-ic: do not learn routes with link-local next-hops

Do not learn IPv6 routes with link-local nex-thop. This issue occurs when the lrp connected to the transit switch has no IPv6 addresses and the internal logical router port has a valid IPv6 one. Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2100355 Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com> Acked-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Numan Siddique <numans@ovn.org> (cherry picked from commit cb0e2b3)
ovn-org · Jul 19, 2022 · d13d1ab · d13d1ab
1 parent a9f214a
commit d13d1ab
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 1 deletion.
diff --git a/ic/ovn-ic.c b/ic/ovn-ic.c
@@ -925,7 +925,12 @@ parse_route(const char *s_prefix, const char *s_nexthop,
     }
 
     unsigned int nlen;
-    return ip46_parse_cidr(s_nexthop, nexthop, &nlen);
+    if (!ip46_parse_cidr(s_nexthop, nexthop, &nlen)) {
+        return false;
+    }
+
+    /* Do not learn routes with link-local next hop. */
+    return !in6_is_lla(nexthop);
 }
 
 /* Return false if can't be added due to bad format. */

diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at
@@ -492,6 +492,56 @@ OVN_CLEANUP_IC([az1], [az2])
 AT_CLEANUP
 ])
 
+OVN_FOR_EACH_NORTHD([
+AT_SETUP([ovn-ic -- route sync -- IPv6 route tables])
+AT_KEYWORDS([IPv6-route-sync])
+
+ovn_init_ic_db
+ovn-ic-nbctl ts-add ts1
+
+for i in 1 2; do
+    ovn_start az$i
+    ovn_as az$i
+
+    # Enable route learning at AZ level
+    ovn-nbctl set nb_global . options:ic-route-learn=true
+    # Enable route advertising at AZ level
+    ovn-nbctl set nb_global . options:ic-route-adv=true
+
+    # Create LRP and connect to TS
+    ovn-nbctl lr-add lr$i
+    ovn-nbctl lrp-add lr$i lrp-lr$i-ts1 aa:aa:aa:aa:aa:0$i 2001:db8:1::$i/64
+    ovn-nbctl lsp-add ts1 lsp-ts1-lr$i \
+            -- lsp-set-addresses lsp-ts1-lr$i router \
+            -- lsp-set-type lsp-ts1-lr$i router \
+            -- lsp-set-options lsp-ts1-lr$i router-port=lrp-lr$i-ts1
+
+    ovn-nbctl lrp-add lr$i lrp-lr$i-p$i 00:00:00:00:00:0$i 2002:db8:1::$i/64
+done
+
+for i in 1 2; do
+    OVS_WAIT_UNTIL([ovn_as az$i ovn-nbctl lr-route-list lr$i | grep learned])
+done
+
+AT_CHECK([ovn_as az1 ovn-nbctl lr-route-list lr1 | awk '/learned/{print $1, $2}'], [0], [dnl
+2002:db8:1::/64 2001:db8:1::2
+])
+
+# Do not learn routes from link-local nexthops
+for i in 1 2; do
+    ovn_as az$i
+    ovn-nbctl lrp-del lrp-lr$i-ts1
+    ovn-nbctl lrp-add lr$i lrp-lr$i-ts1 aa:aa:aa:aa:aa:0$i 169.254.100.$i/24
+done
+
+OVS_WAIT_WHILE([ovn_as az1 ovn-nbctl lr-route-list lr1 | grep learned])
+AT_CHECK([ovn_as az1 ovn-nbctl lr-route-list lr1 | grep -q learned], [1])
+
+OVN_CLEANUP_IC([az1], [az2])
+
+AT_CLEANUP
+])
+
 OVN_FOR_EACH_NORTHD([
 AT_SETUP([ovn-ic -- route sync -- route tables])