Skip to content

bgpd: fix wrong automatic router-id use #19569

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

bgpd: fix wrong automatic router-id use #19569

wants to merge 1 commit into from

Conversation

anlancs
Copy link
Contributor

@anlancs anlancs commented Sep 13, 2025

Only considers the automatic rd scenario without a bgp connection and without configuring any rd in the command line.

This automatic rd is created and used for bgp at this case, but it should not be used for vpn if rd vpn export is set in command line. And both IPv4 and IPv6 family also have this issue.

With the configuration:

router bgp 88 vrf vrf1
 neighbor 3.3.3.3 remote-as 99
 !
 address-family ipv4 unicast
  rd vpn export 4:4
  rt vpn export 4:4
  export vpn
  import vpn
 exit-address-family
exit

At the beginning, there was no address in vrf1, then set address 1.1.1.1/24. The running is changed:

router bgp 88 vrf xx
 neighbor 3.3.3.3 remote-as 99
 !
 address-family ipv4 unicast
  rd vpn export 4:4
  rt vpn export 1.1.1.1:4 <--
  export vpn
  import vpn
 exit-address-family

@anlancs
bgpd: fix wrong automatic router-id use
441d7b7 
Only considers the automatic rd scenario without a bgp connection and without
configuring any rd in the command line.

This automatic rd is created and used for bgp at this case, but it should not be
used for vpn if `rd vpn export` is set in command line.  And both IPv4 and IPv6
family also have this issue.

With the configuration:
```
router bgp 88 vrf vrf1
 neighbor 3.3.3.3 remote-as 99
 !
 address-family ipv4 unicast
  rd vpn export 4:4
  rt vpn export 4:4
  export vpn
  import vpn
 exit-address-family
exit
```

At the beginning, there was no address in vrf1, then set address 1.1.1.1/24.
The running is changed:
```
router bgp 88 vrf xx
 neighbor 3.3.3.3 remote-as 99
 !
 address-family ipv4 unicast
  rd vpn export 4:4
  rt vpn export 1.1.1.1:4 <--
  export vpn
  import vpn
 exit-address-family
 ```

Signed-off-by: anlan_cs <[email protected]>
mjstapp
mjstapp reviewed Sep 15, 2025
View reviewed changes
Copy link
Contributor

@mjstapp mjstapp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm a little confused: the example in the description makes it appear that the config changes if environmental/OS changes occur. isn't that the bug?

ton31337
ton31337 approved these changes Sep 15, 2025
View reviewed changes
Copy link
Member

@ton31337 ton31337 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ton31337
Copy link
Member

@Mergifyio backport stable/10.4 stable/10.3 stable/10.2

@mergify Mergify
Copy link

mergify bot commented Sep 15, 2025

backport stable/10.4 stable/10.3 stable/10.2

🟠 Waiting for conditions to match

  • merged [📌 backport requirement]

@ton31337
Copy link
Member

Without reading the code (not the changes) => don't we miss to do the leaking stuff (just in case), except just handling configuration issue?

@anlancs
Copy link
Contributor Author

anlancs commented Sep 16, 2025
edited
Loading

Without reading the code (not the changes) => don't we miss to do the leaking stuff (just in case), except just handling configuration issue?

I have tested it. In this situation, the vpn doesn't work for the magic/unknown rt.
Unless the magic rt is manually configured on the other bgp neighbor:

rt vpn import 1.1.1.1:4

@anlancs
Copy link
Contributor Author

anlancs commented Sep 16, 2025
edited
Loading

I'm a little confused: the example in the description makes it appear that the config changes if environmental/OS changes occur. isn't that the bug?

not a bug, but it looks a little complicated: #2929

@mjstapp
Copy link
Contributor

mjstapp commented Sep 16, 2025

you referenced an old PR about router-id zapi messaging from zebra. but ... this isn't about the router-id, is it? you're not proposing changes to router-id here are you?

I'm a little confused: the example in the description makes it appear that the config changes if environmental/OS changes occur. isn't that the bug?

not a bug, but it looks a little complicated: #2929

@anlancs
Copy link
Contributor Author

anlancs commented Sep 16, 2025
edited
Loading

you referenced an old PR about router-id zapi messaging from zebra. but ... this isn't about the router-id, is it? you're not proposing changes to router-id here are you?

I'm a little confused: the example in the description makes it appear that the config changes if environmental/OS changes occur. isn't that the bug?

not a bug, but it looks a little complicated: #2929

There is no change with router-id here, just avoid the environment/OS changes the running config and vpn function.
If no router-id, vpn will use the automatic router-id created by ipv4 address with zebra's ZEBRA_ROUTER_ID_UPDATE.

@anlancs anlancs closed this Sep 16, 2025
@anlancs anlancs reopened this Sep 16, 2025
riw777
riw777 approved these changes Sep 16, 2025
View reviewed changes
Copy link
Member

@riw777 riw777 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mjstapp mjstapp mjstapp left review comments

@riw777 riw777 riw777 approved these changes

@ton31337 ton31337 ton31337 approved these changes

Assignees
No one assigned
Labels
backport bgp bugfix master size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@anlancs @ton31337 @mjstapp @riw777