mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2025-01-23 06:14:42 +08:00
c0d999348e
Cited commit added the table ID to the FIB info structure, but did not
properly initialize it when table ID 0 is used. This can lead to a route
in the default VRF with a preferred source address not being flushed
when the address is deleted.
Consider the following example:
# ip address add dev dummy1 192.0.2.1/28
# ip address add dev dummy1 192.0.2.17/28
# ip route add 198.51.100.0/24 via 192.0.2.2 src 192.0.2.17 metric 100
# ip route add table 0 198.51.100.0/24 via 192.0.2.2 src 192.0.2.17 metric 200
# ip route show 198.51.100.0/24
198.51.100.0/24 via 192.0.2.2 dev dummy1 src 192.0.2.17 metric 100
198.51.100.0/24 via 192.0.2.2 dev dummy1 src 192.0.2.17 metric 200
Both routes are installed in the default VRF, but they are using two
different FIB info structures. One with a metric of 100 and table ID of
254 (main) and one with a metric of 200 and table ID of 0. Therefore,
when the preferred source address is deleted from the default VRF,
the second route is not flushed:
# ip address del dev dummy1 192.0.2.17/28
# ip route show 198.51.100.0/24
198.51.100.0/24 via 192.0.2.2 dev dummy1 src 192.0.2.17 metric 200
Fix by storing a table ID of 254 instead of 0 in the route configuration
structure.
Add a test case that fails before the fix:
# ./fib_tests.sh -t ipv4_del_addr
IPv4 delete address route tests
Regular FIB info
TEST: Route removed from VRF when source address deleted [ OK ]
TEST: Route in default VRF not removed [ OK ]
TEST: Route removed in default VRF when source address deleted [ OK ]
TEST: Route in VRF is not removed by address delete [ OK ]
Identical FIB info with different table ID
TEST: Route removed from VRF when source address deleted [ OK ]
TEST: Route in default VRF not removed [ OK ]
TEST: Route removed in default VRF when source address deleted [ OK ]
TEST: Route in VRF is not removed by address delete [ OK ]
Table ID 0
TEST: Route removed in default VRF when source address deleted [FAIL]
Tests passed: 8
Tests failed: 1
And passes after:
# ./fib_tests.sh -t ipv4_del_addr
IPv4 delete address route tests
Regular FIB info
TEST: Route removed from VRF when source address deleted [ OK ]
TEST: Route in default VRF not removed [ OK ]
TEST: Route removed in default VRF when source address deleted [ OK ]
TEST: Route in VRF is not removed by address delete [ OK ]
Identical FIB info with different table ID
TEST: Route removed from VRF when source address deleted [ OK ]
TEST: Route in default VRF not removed [ OK ]
TEST: Route removed in default VRF when source address deleted [ OK ]
TEST: Route in VRF is not removed by address delete [ OK ]
Table ID 0
TEST: Route removed in default VRF when source address deleted [ OK ]
Tests passed: 9
Tests failed: 0
Fixes:
|
||
---|---|---|
.. | ||
af_unix | ||
bpf | ||
forwarding | ||
mptcp | ||
openvswitch | ||
.gitignore | ||
altnames.sh | ||
amt.sh | ||
arp_ndisc_evict_nocarrier.sh | ||
arp_ndisc_untracked_subnets.sh | ||
bareudp.sh | ||
bind_bhash.c | ||
bind_bhash.sh | ||
cmsg_ipv6.sh | ||
cmsg_sender.c | ||
cmsg_so_mark.sh | ||
cmsg_time.sh | ||
config | ||
devlink_port_split.py | ||
drop_monitor_tests.sh | ||
fcnal-test.sh | ||
fib_nexthop_multiprefix.sh | ||
fib_nexthop_nongw.sh | ||
fib_nexthops.sh | ||
fib_rule_tests.sh | ||
fib_tests.sh | ||
fib-onlink-tests.sh | ||
fin_ack_lat.c | ||
fin_ack_lat.sh | ||
gre_gso.sh | ||
gro.c | ||
gro.sh | ||
hwtstamp_config.c | ||
icmp_redirect.sh | ||
icmp.sh | ||
in_netns.sh | ||
io_uring_zerocopy_tx.c | ||
io_uring_zerocopy_tx.sh | ||
ioam6_parser.c | ||
ioam6.sh | ||
ip6_gre_headroom.sh | ||
ip_defrag.c | ||
ip_defrag.sh | ||
ipsec.c | ||
ipv6_flowlabel_mgr.c | ||
ipv6_flowlabel.c | ||
ipv6_flowlabel.sh | ||
l2_tos_ttl_inherit.sh | ||
l2tp.sh | ||
Makefile | ||
msg_zerocopy.c | ||
msg_zerocopy.sh | ||
ndisc_unsolicited_na_test.sh | ||
netdevice.sh | ||
nettest.c | ||
pmtu.sh | ||
psock_fanout.c | ||
psock_lib.h | ||
psock_snd.c | ||
psock_snd.sh | ||
psock_tpacket.c | ||
reuseaddr_conflict.c | ||
reuseaddr_ports_exhausted.c | ||
reuseaddr_ports_exhausted.sh | ||
reuseport_addr_any.c | ||
reuseport_addr_any.sh | ||
reuseport_bpf_cpu.c | ||
reuseport_bpf_numa.c | ||
reuseport_bpf.c | ||
reuseport_dualstack.c | ||
route_localnet.sh | ||
rtnetlink.sh | ||
run_afpackettests | ||
run_netsocktests | ||
rxtimestamp.c | ||
rxtimestamp.sh | ||
settings | ||
setup_loopback.sh | ||
setup_veth.sh | ||
sk_bind_sendto_listen.c | ||
sk_connect_zero_addr.c | ||
so_netns_cookie.c | ||
so_txtime.c | ||
so_txtime.sh | ||
socket.c | ||
srv6_end_dt4_l3vpn_test.sh | ||
srv6_end_dt6_l3vpn_test.sh | ||
srv6_end_dt46_l3vpn_test.sh | ||
srv6_end_next_csid_l3vpn_test.sh | ||
srv6_hencap_red_l3vpn_test.sh | ||
srv6_hl2encap_red_l2vpn_test.sh | ||
stress_reuseport_listen.c | ||
stress_reuseport_listen.sh | ||
tap.c | ||
tcp_fastopen_backup_key.c | ||
tcp_fastopen_backup_key.sh | ||
tcp_inq.c | ||
tcp_mmap.c | ||
test_blackhole_dev.sh | ||
test_bpf.sh | ||
test_ingress_egress_chaining.sh | ||
test_vxlan_fdb_changelink.sh | ||
test_vxlan_under_vrf.sh | ||
test_vxlan_vnifiltering.sh | ||
timestamping.c | ||
tls.c | ||
toeplitz_client.sh | ||
toeplitz.c | ||
toeplitz.sh | ||
traceroute.sh | ||
tun.c | ||
txring_overwrite.c | ||
txtimestamp.c | ||
txtimestamp.sh | ||
udpgro_bench.sh | ||
udpgro_frglist.sh | ||
udpgro_fwd.sh | ||
udpgro.sh | ||
udpgso_bench_rx.c | ||
udpgso_bench_tx.c | ||
udpgso_bench.sh | ||
udpgso.c | ||
udpgso.sh | ||
unicast_extensions.sh | ||
veth.sh | ||
vrf_route_leaking.sh | ||
vrf_strict_mode_test.sh | ||
vrf-xfrm-tests.sh | ||
xfrm_policy.sh |