diff options
| author | Russ White <russ@riw.us> | 2024-09-24 15:44:36 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-24 15:44:36 +0200 |
| commit | de43ca890dfe9dff5296c902f977ee4f3ba8dcf7 (patch) | |
| tree | e00d83a82812be17f27a1595101b2ec00980a519 | |
| parent | Merge pull request #16902 from donaldsharp/forwarding_on_off (diff) | |
| parent | bgpd: Exclude case for remote prefix w/o link-local (diff) | |
| download | frr-de43ca890dfe9dff5296c902f977ee4f3ba8dcf7.tar.xz frr-de43ca890dfe9dff5296c902f977ee4f3ba8dcf7.zip | |
Merge pull request #16219 from cunningr/prevent-ipv6-link-local-injection
bgpd - Exclude case for remote prefix w/o link-local #16198
| -rw-r--r-- | bgpd/bgp_route.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index 1f1b90044..f4118952f 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -2472,13 +2472,16 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi, if (NEXTHOP_IS_V6) { attr->mp_nexthop_len = BGP_ATTR_NHLEN_IPV6_GLOBAL; if ((CHECK_FLAG(peer->af_flags[afi][safi], - PEER_FLAG_NEXTHOP_LOCAL_UNCHANGED) - && IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) - || (!reflect && !transparent - && IN6_IS_ADDR_LINKLOCAL(&peer->nexthop.v6_local) - && peer->shared_network - && (from == bgp->peer_self - || peer->sort == BGP_PEER_EBGP))) { + PEER_FLAG_NEXTHOP_LOCAL_UNCHANGED) && + IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) || + (!reflect && !transparent && + IN6_IS_ADDR_LINKLOCAL(&peer->nexthop.v6_local) && + peer->shared_network && + ((from == bgp->peer_self && peer->sort == BGP_PEER_EBGP) || + (from == bgp->peer_self && peer->sort != BGP_PEER_EBGP) || + (from != bgp->peer_self && + IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local) && + peer->sort == BGP_PEER_EBGP)))) { if (safi == SAFI_MPLS_VPN) attr->mp_nexthop_len = BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL; |