nhrpd: fix dont consider incomplete L2 entry #18078
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sometimes, NHRP receives L2 information on a cache entry with the 0.0.0.0 IP address. NHRP considers it as valid and updates the binding with the new IP address. > Feb 09 20:09:54 aws-sin-vpn01 nhrpd[2695]: [QQ0NK-1H449] Netlink: new-neigh 10.2.114.238 dev dmvpn1 lladdr 162.251.180.10 nud 0x2 cache used 0 type 4 > Feb 09 20:10:35 aws-sin-vpn01 nhrpd[2695]: [QQ0NK-1H449] Netlink: new-neigh 10.2.114.238 dev dmvpn1 lladdr 162.251.180.10 nud 0x4 cache used 1 type 4 > Feb 09 20:10:48 aws-sin-vpn01 nhrpd[2695]: [QQ0NK-1H449] Netlink: del-neigh 10.2.114.238 dev dmvpn1 lladdr 162.251.180.10 nud 0x4 cache used 1 type 4 > Feb 09 20:10:49 aws-sin-vpn01 nhrpd[2695]: [QQ0NK-1H449] Netlink: who-has 10.2.114.238 dev dmvpn1 lladdr (unspec) nud 0x1 cache used 1 type 4 > Feb 09 20:10:49 aws-sin-vpn01 nhrpd[2695]: [QVXNM-NVHEQ] Netlink: update binding for 10.2.114.238 dev dmvpn1 from c 162.251.180.10 peer.vc.nbma 162.251.180.10 to lladdr (unspec) > Feb 09 20:10:49 aws-sin-vpn01 nhrpd[2695]: [QQ0NK-1H449] Netlink: new-neigh 10.2.114.238 dev dmvpn1 lladdr 0.0.0.0 nud 0x2 cache used 1 type 4 > Feb 09 20:11:30 aws-sin-vpn01 nhrpd[2695]: [QQ0NK-1H449] Netlink: new-neigh 10.2.114.238 dev dmvpn1 lladdr 0.0.0.0 nud 0x4 cache used 1 type 4 Actually, the 0.0.0.0 IP addressed mentiones in the 'who-has' message is wrong because the nud state value means that value is incomplete and should not be handled as a valid entry. Instead of considering it, fix this by by invalidating the current binding. This step is necessary in order to permit NHRP to trigger resolution requests again. Signed-off-by: Philippe Guibert <[email protected]>
pguibert6WIND
force-pushed
the
nhrp_incomplete_msg
branch
from
f25df1d to
3202323
Compare
|
@Mergifyio backport dev/10.3 stable/10.2 stable/10.1 |
✅ Backports have been created
|
This was referenced Feb 12, 2025
donaldsharp
added a commit
that referenced
this pull request
Feb 12, 2025
nhrpd: fix dont consider incomplete L2 entry (backport #18078)
donaldsharp
added a commit
that referenced
this pull request
Feb 12, 2025
nhrpd: fix dont consider incomplete L2 entry (backport #18078)
donaldsharp
added a commit
that referenced
this pull request
Feb 12, 2025
nhrpd: fix dont consider incomplete L2 entry (backport #18078)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Sometimes, NHRP receives L2 information on a cache entry with the 0.0.0.0 IP address. NHRP considers it as valid and updates the binding with the new IP address.
Actually, the 0.0.0.0 IP addressed mentiones in the 'who-has' message is wrong because the nud state value means that value is incomplete and should not be handled as a valid entry. Instead of considering it, fix this by by invalidating the current binding. This step is necessary in order to permit NHRP to trigger resolution requests again.