bgpd: Clear capabilities field when resetting a bgp neighbor (backport #9056) #9263
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![mergify[bot]](https://avatars.githubusercontent.com/in/10562?s=60&v=4){kind=small}
Currently, the following sequence of events between peers could result in erroneous capability reports on the peer with enabled dont-capability-negotiate option: - having some of the capabilities advertised to a bgp neighbor, - then disabling capability negotiation to that neighbor, - then resetting connection to it, - and no capabilities are actually sent to the neighbor, - but "show bgp neighbors" on the host still displays them as advertised to the neighbor. There are two possibilities for establishing a new connection - the established connection was initiated by us with bgp_start(), - the connection was initiated on the neighbor side and processed by us via bgp_accept() in bgp_network.c. The former case results in "show bgp neighbors" displaying only "received" in capabilities, as the peer's cap is initiated to zero in bgp_start(). In the latter case, if bgp_accept() happens before bgp_start() is called, then new peer capabilities are being transferred from its previous record before being zeroed in bgp_start(). This results in "show bgp neighbors" still displaying "advertised and received" in capabilities. Following the logic of a similar af_cap field clearing, treated correctly in both cases, we - reset peer's capability during bgp_stop() - don't pass it over to a new peer structure in bgp_accept(). This fix prevents transferring of the previous capabilities record to a new peer instance in arbitrary reconnect scenario. Signed-off-by: Alexander Skorichenko <[email protected]> (cherry picked from commit 24f569e)
💚 Basic BGPD CI results: SUCCESS, 0 tests failedResults table
For details, please contact louberger |
Continuous Integration Result: SUCCESSFULCongratulations, this patch passed basic tests Tested-by: NetDEF / OpenSourceRouting.org CI System CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-20744/ This is a comment from an automated CI system. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an automatic backport of pull request #9056 done by Mergify.
Mergify commands and options
More conditions and actions can be found in the documentation.
You can also trigger Mergify actions by commenting on this pull request:
@Mergifyio refreshwill re-evaluate the rules@Mergifyio rebasewill rebase this PR on its base branch@Mergifyio updatewill merge the base branch into this PR@Mergifyio backport <destination>will backport this PR on<destination>branchAdditionally, on Mergify dashboard you can:
Finally, you can contact us on https://mergify.io/