From cafec8da4f0a7ac850eb42a71c6d695e1f79fc7c Mon Sep 17 00:00:00 2001
From: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Wed, 28 Mar 2018 18:23:27 -0400
Subject: [PATCH] lib, pbrd: Do not allow v6 LL nexthops to be specified
 without an interface.

Prevent the creation of a v6 LL nexthop that does not include an interface
for proper resolution.

Ticket: CM-20276
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
---
 lib/nexthop_group.c | 8 +++++++-
 pbrd/pbr_vty.c      | 8 +++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/lib/nexthop_group.c b/lib/nexthop_group.c
index 1ec49c2a02..a527d011ae 100644
--- a/lib/nexthop_group.c
+++ b/lib/nexthop_group.c
@@ -280,8 +280,14 @@ DEFPY(ecmp_nexthops, ecmp_nexthops_cmd,
 					intf, vrf->name);
 				return CMD_WARNING;
 			}
-		} else
+		} else {
+			if (IN6_IS_ADDR_LINKLOCAL(&nhop.gate.ipv6)) {
+				vty_out(vty,
+					"Specified a v6 LL with no interface, rejecting\n");
+				return CMD_WARNING_CONFIG_FAILED;
+			}
 			nhop.type = NEXTHOP_TYPE_IPV6;
+		}
 	}
 
 	nh = nexthop_exists(&nhgc->nhg, &nhop);
diff --git a/pbrd/pbr_vty.c b/pbrd/pbr_vty.c
index 87ec3804a5..18d8896faf 100644
--- a/pbrd/pbr_vty.c
+++ b/pbrd/pbr_vty.c
@@ -251,8 +251,14 @@ DEFPY(pbr_map_nexthop, pbr_map_nexthop_cmd,
 					intf, vrf->name);
 				return CMD_WARNING_CONFIG_FAILED;
 			}
-		} else
+		} else {
+			if (IN6_IS_ADDR_LINKLOCAL(&nhop.gate.ipv6)) {
+				vty_out(vty,
+					"Specified a v6 LL with no interface, rejecting\n");
+				return CMD_WARNING_CONFIG_FAILED;
+			}
 			nhop.type = NEXTHOP_TYPE_IPV6;
+		}
 	}
 
 	if (pbrms->nhg)