From 34abbcc4b16438c076262e9b4571e5a27efd540b Mon Sep 17 00:00:00 2001 From: Sai Gomathi Date: Tue, 26 Oct 2021 05:55:23 -0700 Subject: [PATCH 1/2] pimd: modifications in PIM joins Problem : ======= (*,G) created on transit node where same groups are defined as SSM At present FRR has SSM checks for IGMP report, but SSM check is missing for PIM join. Fix : === When an interface receives the PIM (*,G)join with G as SSM group, then PIMd supposed to discard that join. There is no need to maintain PIM state for this group. Signed-off-by: Sai Gomathi --- pimd/pim_join.c | 10 ++++++++++ pimd/pim_register.c | 12 ++++++++++++ 2 files changed, 22 insertions(+) diff --git a/pimd/pim_join.c b/pimd/pim_join.c index c7a80ca8e0..652b27476d 100644 --- a/pimd/pim_join.c +++ b/pimd/pim_join.c @@ -39,6 +39,7 @@ #include "pim_rp.h" #include "pim_jp_agg.h" #include "pim_util.h" +#include "pim_ssm.h" static void on_trace(const char *label, struct interface *ifp, struct in_addr src) @@ -55,6 +56,7 @@ static void recv_join(struct interface *ifp, struct pim_neighbor *neigh, struct prefix_sg *sg, uint8_t source_flags) { struct pim_interface *pim_ifp = NULL; + char buf[PREFIX_STRLEN]; if (PIM_DEBUG_PIM_TRACE) { char up_str[INET_ADDRSTRLEN]; @@ -105,6 +107,14 @@ static void recv_join(struct interface *ifp, struct pim_neighbor *neigh, return; } + if (pim_is_grp_ssm(pim_ifp->pim, sg->grp)) { + zlog_warn( + "%s: Specified Group(%s) in join is now in SSM, not allowed to create PIM state", + __func__, + inet_ntop(AF_INET, &sg->grp, buf, sizeof(buf))); + return; + } + sg->src.s_addr = INADDR_ANY; } diff --git a/pimd/pim_register.c b/pimd/pim_register.c index 9d5b864ab0..fc464753e0 100644 --- a/pimd/pim_register.c +++ b/pimd/pim_register.c @@ -323,6 +323,7 @@ int pim_register_recv(struct interface *ifp, struct in_addr dest_addr, int i_am_rp = 0; struct pim_interface *pim_ifp = ifp->info; struct pim_instance *pim = pim_ifp->pim; + char buf[PREFIX_STRLEN]; #define PIM_MSG_REGISTER_BIT_RESERVED_LEN 4 ip_hdr = (struct ip *)(tlv_buf + PIM_MSG_REGISTER_BIT_RESERVED_LEN); @@ -381,6 +382,17 @@ int pim_register_recv(struct interface *ifp, struct in_addr dest_addr, pim_str_sg_dump(&sg), src_str, ifp->name, i_am_rp); } + if (pim_is_grp_ssm(pim_ifp->pim, sg.grp)) { + if (sg.src.s_addr == INADDR_ANY) { + zlog_warn( + "%s: Received Register message for Group(%s) is now in SSM, dropping the packet", + __func__, + inet_ntop(AF_INET, &sg.grp, buf, sizeof(buf))); + /* Drop Packet Silently */ + return 0; + } + } + if (i_am_rp && (dest_addr.s_addr == ((RP(pim, sg.grp))->rpf_addr.u.prefix4.s_addr))) { From c29fec4d3af11da39582c86484c92337fdf128f9 Mon Sep 17 00:00:00 2001 From: Sai Gomathi Date: Tue, 26 Oct 2021 07:03:58 -0700 Subject: [PATCH 2/2] pimd: modification in mroute Problem: ------- (*,G) created on transit node where same groups are defined as SSM At present FRR has SSM checks for IGMP report, but SSM check is missing for PIM join. Fix: ---- Whenever there is a modification in prefix list for SSM range, then we need to browse the ifchannels (PIM joins) and groups coming in SSM range with (and *,G) should be removed from ifchannel database and also withdraw those routes from upstream routers. Signed-off-by: Sai Gomathi --- pimd/pim_zebra.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/pimd/pim_zebra.c b/pimd/pim_zebra.c index aa041df857..219f41015d 100644 --- a/pimd/pim_zebra.c +++ b/pimd/pim_zebra.c @@ -542,6 +542,7 @@ void igmp_source_forward_reevaluate_all(struct pim_instance *pim) struct pim_interface *pim_ifp = ifp->info; struct listnode *grpnode; struct igmp_group *grp; + struct pim_ifchannel *ch, *ch_temp; if (!pim_ifp) continue; @@ -556,9 +557,17 @@ void igmp_source_forward_reevaluate_all(struct pim_instance *pim) for (ALL_LIST_ELEMENTS_RO(grp->group_source_list, srcnode, src)) { igmp_source_forward_reevaluate_one(pim, src); - } /* scan group sources */ - } /* scan igmp groups */ - } /* scan interfaces */ + } /* scan group sources */ + } /* scan igmp groups */ + + RB_FOREACH_SAFE (ch, pim_ifchannel_rb, &pim_ifp->ifchannel_rb, + ch_temp) { + if (pim_is_grp_ssm(pim, ch->sg.grp)) { + if (ch->sg.src.s_addr == INADDR_ANY) + pim_ifchannel_delete(ch); + } + } + } /* scan interfaces */ } void igmp_source_forward_start(struct pim_instance *pim,