From b96306f042ce6017fa42273bcc8b232a6ccb8c62 Mon Sep 17 00:00:00 2001 From: Don Slice Date: Wed, 17 Jul 2019 13:19:08 -0400 Subject: [PATCH] bgpd: encode implicit next-hop-self in some vrf route leaking scenarios Problem reported that when vrf route-leaking between an unnumbered peer in one vrf to a numbered peer in another vrf, the nexthop attribute was missing from the update, causing the session to fail. determined that we needed to expand the mechanism for verifying if the route has been learned in the other vrf without an ipv4 nexthop. Ticket: CM-25610 Signed-off-by: Don Slice --- bgpd/bgp_attr.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c index 35946444dd..c64d153f1b 100644 --- a/bgpd/bgp_attr.c +++ b/bgpd/bgp_attr.c @@ -3215,6 +3215,8 @@ bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer, /* Nexthop attribute. */ if (afi == AFI_IP && safi == SAFI_UNICAST && !peer_cap_enhe(peer, afi, safi)) { + afi_t nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len); + if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) { stream_putc(s, BGP_ATTR_FLAG_TRANS); stream_putc(s, BGP_ATTR_NEXT_HOP); @@ -3222,17 +3224,18 @@ bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer, attr); stream_putc(s, 4); stream_put_ipv4(s, attr->nexthop.s_addr); - } else if (peer_cap_enhe(from, afi, safi)) { + } else if (peer_cap_enhe(from, afi, safi) + || (nh_afi == AFI_IP6)) { /* * Likely this is the case when an IPv4 prefix was - * received with - * Extended Next-hop capability and now being advertised - * to - * non-ENHE peers. + * received with Extended Next-hop capability in this + * or another vrf and is now being advertised to + * non-ENHE peers. Since peer_cap_enhe only checks + * peers in this vrf, also check the nh_afi to catch + * the case where the originator was in another vrf. * Setting the mandatory (ipv4) next-hop attribute here - * to enable - * implicit next-hop self with correct (ipv4 address - * family). + * to enable implicit next-hop self with correct A-F + * (ipv4 address family). */ stream_putc(s, BGP_ATTR_FLAG_TRANS); stream_putc(s, BGP_ATTR_NEXT_HOP);