Better handling of global addresses as configured NBMA neighbors in OSPFv3.
Configured NBMA neighbors in OSPFv3 should be link-local addresses, old behavior was to silently ignore global ones. The patch allows BIRD to accept global ones, but adds a warning and a documentation notice. Thanks to Wilco Baan Hofman for the bugreport.
This commit is contained in:
parent
a9fc659b84
commit
9ff5257357
3 changed files with 36 additions and 21 deletions
|
@ -2212,7 +2212,10 @@ protocol ospf <name> {
|
||||||
<tag>neighbors { <m/set/ } </tag>
|
<tag>neighbors { <m/set/ } </tag>
|
||||||
A set of neighbors to which Hello messages on NBMA or PtMP
|
A set of neighbors to which Hello messages on NBMA or PtMP
|
||||||
networks are to be sent. For NBMA networks, some of them
|
networks are to be sent. For NBMA networks, some of them
|
||||||
could be marked as eligible.
|
could be marked as eligible. In OSPFv3, link-local addresses
|
||||||
|
should be used, using global ones is possible, but it is
|
||||||
|
nonstandard and might be problematic. And definitely,
|
||||||
|
link-local and global addresses should not be mixed.
|
||||||
|
|
||||||
</descrip>
|
</descrip>
|
||||||
|
|
||||||
|
|
|
@ -135,6 +135,7 @@ CF_KEYWORDS(GLOBAL, LSID, ROUTER, SELF, INSTANCE, REAL)
|
||||||
|
|
||||||
%type <t> opttext
|
%type <t> opttext
|
||||||
%type <ld> lsadb_args
|
%type <ld> lsadb_args
|
||||||
|
%type <i> nbma_eligible
|
||||||
|
|
||||||
CF_GRAMMAR
|
CF_GRAMMAR
|
||||||
|
|
||||||
|
@ -295,7 +296,7 @@ ospf_iface_item:
|
||||||
| STUB bool { OSPF_PATT->stub = $2 ; }
|
| STUB bool { OSPF_PATT->stub = $2 ; }
|
||||||
| CHECK LINK bool { OSPF_PATT->check_link = $3; }
|
| CHECK LINK bool { OSPF_PATT->check_link = $3; }
|
||||||
| ECMP WEIGHT expr { OSPF_PATT->ecmp_weight = $3 - 1; if (($3<1) || ($3>256)) cf_error("ECMP weight must be in range 1-256"); }
|
| ECMP WEIGHT expr { OSPF_PATT->ecmp_weight = $3 - 1; if (($3<1) || ($3>256)) cf_error("ECMP weight must be in range 1-256"); }
|
||||||
| NEIGHBORS '{' ipa_list '}'
|
| NEIGHBORS '{' nbma_list '}'
|
||||||
| AUTHENTICATION NONE { OSPF_PATT->autype = OSPF_AUTH_NONE ; }
|
| AUTHENTICATION NONE { OSPF_PATT->autype = OSPF_AUTH_NONE ; }
|
||||||
| AUTHENTICATION SIMPLE { OSPF_PATT->autype = OSPF_AUTH_SIMPLE ; }
|
| AUTHENTICATION SIMPLE { OSPF_PATT->autype = OSPF_AUTH_SIMPLE ; }
|
||||||
| AUTHENTICATION CRYPTOGRAPHIC { OSPF_PATT->autype = OSPF_AUTH_CRYPT ; }
|
| AUTHENTICATION CRYPTOGRAPHIC { OSPF_PATT->autype = OSPF_AUTH_CRYPT ; }
|
||||||
|
@ -327,33 +328,24 @@ pref_opt:
|
||||||
| TAG expr { this_pref->tag = $2; }
|
| TAG expr { this_pref->tag = $2; }
|
||||||
;
|
;
|
||||||
|
|
||||||
ipa_list:
|
nbma_list:
|
||||||
/* empty */
|
/* empty */
|
||||||
| ipa_list ipa_item
|
| nbma_list nbma_item
|
||||||
;
|
;
|
||||||
|
|
||||||
ipa_item:
|
nbma_eligible:
|
||||||
ipa_el
|
/* empty */ { $$ = 0; }
|
||||||
| ipa_ne;
|
| ELIGIBLE { $$ = 1; }
|
||||||
|
;
|
||||||
|
|
||||||
ipa_el: IPA ';'
|
nbma_item: IPA nbma_eligible ';'
|
||||||
{
|
{
|
||||||
this_nbma = cfg_allocz(sizeof(struct nbma_node));
|
this_nbma = cfg_allocz(sizeof(struct nbma_node));
|
||||||
add_tail(&OSPF_PATT->nbma_list, NODE this_nbma);
|
add_tail(&OSPF_PATT->nbma_list, NODE this_nbma);
|
||||||
this_nbma->ip=$1;
|
this_nbma->ip=$1;
|
||||||
this_nbma->eligible=0;
|
this_nbma->eligible=$2;
|
||||||
}
|
}
|
||||||
;
|
;
|
||||||
|
|
||||||
ipa_ne: IPA ELIGIBLE ';'
|
|
||||||
{
|
|
||||||
this_nbma = cfg_allocz(sizeof(struct nbma_node));
|
|
||||||
add_tail(&OSPF_PATT->nbma_list, NODE this_nbma);
|
|
||||||
this_nbma->ip=$1;
|
|
||||||
this_nbma->eligible=1;
|
|
||||||
}
|
|
||||||
;
|
|
||||||
|
|
||||||
|
|
||||||
ospf_iface_start:
|
ospf_iface_start:
|
||||||
{
|
{
|
||||||
|
|
|
@ -574,8 +574,22 @@ ospf_iface_new(struct ospf_area *oa, struct ifa *addr, struct ospf_iface_patt *i
|
||||||
init_list(&ifa->nbma_list);
|
init_list(&ifa->nbma_list);
|
||||||
|
|
||||||
WALK_LIST(nb, ip->nbma_list)
|
WALK_LIST(nb, ip->nbma_list)
|
||||||
if (ipa_in_net(nb->ip, addr->prefix, addr->pxlen))
|
{
|
||||||
add_nbma_node(ifa, nb, 0);
|
/* In OSPFv3, addr is link-local while configured neighbors could
|
||||||
|
have global IP (although RFC 5340 C.5 says link-local addresses
|
||||||
|
should be used). Because OSPFv3 iface is not subnet-specific,
|
||||||
|
there is no need for ipa_in_net() check */
|
||||||
|
|
||||||
|
#ifdef OSPFv2
|
||||||
|
if (!ipa_in_net(nb->ip, addr->prefix, addr->pxlen))
|
||||||
|
continue;
|
||||||
|
#else
|
||||||
|
if (!ipa_has_link_scope(nb->ip))
|
||||||
|
log(L_WARN "In OSPFv3, configured neighbor address (%I) should be link-local", nb->ip);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
add_nbma_node(ifa, nb, 0);
|
||||||
|
}
|
||||||
|
|
||||||
ifa->state = OSPF_IS_DOWN;
|
ifa->state = OSPF_IS_DOWN;
|
||||||
add_tail(&oa->po->iface_list, NODE ifa);
|
add_tail(&oa->po->iface_list, NODE ifa);
|
||||||
|
@ -771,8 +785,14 @@ ospf_iface_reconfigure(struct ospf_iface *ifa, struct ospf_iface_patt *new)
|
||||||
/* NBMA LIST - add new */
|
/* NBMA LIST - add new */
|
||||||
WALK_LIST(nb, new->nbma_list)
|
WALK_LIST(nb, new->nbma_list)
|
||||||
{
|
{
|
||||||
|
/* See related note in ospf_iface_new() */
|
||||||
|
#ifdef OSPFv2
|
||||||
if (!ipa_in_net(nb->ip, ifa->addr->prefix, ifa->addr->pxlen))
|
if (!ipa_in_net(nb->ip, ifa->addr->prefix, ifa->addr->pxlen))
|
||||||
continue;
|
continue;
|
||||||
|
#else
|
||||||
|
if (!ipa_has_link_scope(nb->ip))
|
||||||
|
log(L_WARN "In OSPFv3, configured neighbor address (%I) should be link-local", nb->ip);
|
||||||
|
#endif
|
||||||
|
|
||||||
if (! find_nbma_node(ifa, nb->ip))
|
if (! find_nbma_node(ifa, nb->ip))
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue