From f07757ae1eb78718f3b6a90a47db8d3678d30471 Mon Sep 17 00:00:00 2001 From: Reuben Dowle Date: Wed, 24 Mar 2021 16:36:49 +1300 Subject: [PATCH 1/3] nhrpd: Fix corrupt address being shown for shortcuts with no cache entry Signed-off-by: Reuben Dowle --- nhrpd/nhrp_vty.c | 1 + 1 file changed, 1 insertion(+) diff --git a/nhrpd/nhrp_vty.c b/nhrpd/nhrp_vty.c index 420ea12ec1..a032252507 100644 --- a/nhrpd/nhrp_vty.c +++ b/nhrpd/nhrp_vty.c @@ -844,6 +844,7 @@ static void show_ip_nhrp_shortcut(struct nhrp_shortcut *s, void *pctx) ctx->count++; c = s->cache; + buf2[0] = '\0'; if (c) sockunion2str(&c->remote_addr, buf2, sizeof(buf2)); prefix2str(s->p, buf1, sizeof(buf1)); From 32dbbf1a10f18c382c3a3f967af3de8151050312 Mon Sep 17 00:00:00 2001 From: Amol Lad Date: Wed, 24 Mar 2021 16:38:20 +1300 Subject: [PATCH 2/3] nhrpd: Set prefix correctly in resolution request RFC2332 requires prefix length be 0xFF only when uniqueness bit is set. Without this change Cisco spokes will reject resolution request messages Signed-off-by: Reuben Dowle --- nhrpd/nhrp_shortcut.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nhrpd/nhrp_shortcut.c b/nhrpd/nhrp_shortcut.c index 56861551ea..0905ceb72a 100644 --- a/nhrpd/nhrp_shortcut.c +++ b/nhrpd/nhrp_shortcut.c @@ -427,8 +427,10 @@ static void nhrp_shortcut_send_resolution_req(struct nhrp_shortcut *s) * */ /* FIXME: push CIE for each local protocol address */ cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS, NULL, NULL); - cie->prefix_length = 0xff; if_ad = &nifp->afi[family2afi(sockunion_family(&s->addr))]; + cie->prefix_length = (if_ad->flags & NHRP_IFF_REG_NO_UNIQUE) + ? 8 * sockunion_get_addrlen(&s->addr) + : 0xff; cie->holding_time = htons(if_ad->holdtime); cie->mtu = htons(if_ad->mtu); debugf(NHRP_DEBUG_COMMON, From 2b55509d6c376d578e63fdc2013f071bedb1f3e4 Mon Sep 17 00:00:00 2001 From: Amol Lad Date: Wed, 24 Mar 2021 16:39:27 +1300 Subject: [PATCH 3/3] nhrpd: Clear cache when shortcuts are cleared This is required because with the cache entry in place traffic will continue via the shortcut path until the cache entry expires. Signed-off-by: Reuben Dowle --- nhrpd/nhrp_vty.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/nhrpd/nhrp_vty.c b/nhrpd/nhrp_vty.c index a032252507..707bb4b44f 100644 --- a/nhrpd/nhrp_vty.c +++ b/nhrpd/nhrp_vty.c @@ -1076,7 +1076,8 @@ static void clear_nhrp_cache(struct nhrp_cache *c, void *data) if (c->cur.type <= NHRP_CACHE_DYNAMIC) { nhrp_cache_update_binding(c, c->cur.type, -1, NULL, 0, NULL, NULL); - ctx->count++; + if (ctx) + ctx->count++; } } @@ -1106,6 +1107,12 @@ DEFUN(clear_nhrp, clear_nhrp_cmd, nhrp_cache_foreach(ifp, clear_nhrp_cache, &ctx); } else { nhrp_shortcut_foreach(ctx.afi, clear_nhrp_shortcut, &ctx); + /* Clear cache also because when a shortcut is cleared then its + * cache entry should be cleared as well (otherwise traffic + * continues via the shortcut path) + */ + FOR_ALL_INTERFACES (vrf, ifp) + nhrp_cache_foreach(ifp, clear_nhrp_cache, NULL); } if (!ctx.count) {