Mailing List Archive

From:: Denis Fondras <denis@openbsd.org>
Subject:: Re: bgpd: flowspec & unknown AFI/SAFI are not VPNv6
To:: Claudio Jeker <cjeker@diehard.n-r-g.com>
Cc:: Denis Fondras <denis@openbsd.org>, tech@openbsd.org
Date:: Sat, 4 Jan 2025 09:17:03 +0100

Download raw body.

Thread

2025-01-03 19:42 Denis Fondras:
bgpd: flowspec & unknown AFI/SAFI are not VPNv6
- 2025-01-04 07:01 Claudio Jeker:
  bgpd: flowspec & unknown AFI/SAFI are not VPNv6
- - 2025-01-04 08:17 Denis Fondras:
    bgpd: flowspec & unknown AFI/SAFI are not VPNv6
  - - 2025-01-04 16:55 Claudio Jeker:
      bgpd: flowspec & unknown AFI/SAFI are not VPNv6

On Sat, Jan 04, 2025 at 08:01:05AM +0100, Claudio Jeker wrote:
> On Fri, Jan 03, 2025 at 08:42:39PM +0100, Denis Fondras wrote:
> > On Fri, Jan 03, 2025 at 08:21:58PM +0100, Claudio Jeker wrote:
> > > 
> > > I doubt that code is reachable but I think the error message should be
> > > "bad withdraw prefix" since this is an error path for the case that
> > > ibuf_skip fails.
> > > 
> > 
> > Index: rde.c
> > ===================================================================
> > RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
> > diff -u -p -r1.646 rde.c
> > --- rde.c	12 Dec 2024 20:19:03 -0000	1.646
> > +++ rde.c	3 Jan 2025 19:41:44 -0000
> > @@ -1598,7 +1598,7 @@ rde_update_dispatch(struct rde_peer *pee
> >  				if (ibuf_skip(&unreachbuf,
> >  				    ibuf_size(&unreachbuf)) == -1) {
> >  					log_peer_warnx(&peer->conf,
> > -					    "bad VPNv6 withdraw prefix");
> > +					    "bad withdraw prefix");
> >  					rde_update_err(peer, ERR_UPDATE,
> >  					    ERR_UPD_OPTATTR, &unreachbuf);
> >  					goto done;
> > @@ -1778,7 +1778,7 @@ rde_update_dispatch(struct rde_peer *pee
> >  				if (ibuf_skip(&reachbuf,
> >  				    ibuf_size(&reachbuf)) == -1) {
> >  					log_peer_warnx(&peer->conf,
> > -					    "bad VPNv6 withdraw prefix");
> > +					    "bad withdraw prefix");
> >  					rde_update_err(peer, ERR_UPDATE,
> >  					    ERR_UPD_OPTATTR, &reachbuf);
> >  					goto done;
> 
> ok.
> 

And I did the same erroneous copy/paste :(

Index: rde.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
diff -u -p -r1.646 rde.c
--- rde.c	12 Dec 2024 20:19:03 -0000	1.646
+++ rde.c	4 Jan 2025 08:15:32 -0000
@@ -1598,7 +1598,7 @@ rde_update_dispatch(struct rde_peer *pee
 				if (ibuf_skip(&unreachbuf,
 				    ibuf_size(&unreachbuf)) == -1) {
 					log_peer_warnx(&peer->conf,
-					    "bad VPNv6 withdraw prefix");
+					    "bad withdraw prefix");
 					rde_update_err(peer, ERR_UPDATE,
 					    ERR_UPD_OPTATTR, &unreachbuf);
 					goto done;
@@ -1778,7 +1778,7 @@ rde_update_dispatch(struct rde_peer *pee
 				if (ibuf_skip(&reachbuf,
 				    ibuf_size(&reachbuf)) == -1) {
 					log_peer_warnx(&peer->conf,
-					    "bad VPNv6 withdraw prefix");
+					    "bad nlri prefix");
 					rde_update_err(peer, ERR_UPDATE,
 					    ERR_UPD_OPTATTR, &reachbuf);
 					goto done;

2025-01-03 19:42 Denis Fondras:
bgpd: flowspec & unknown AFI/SAFI are not VPNv6
- 2025-01-04 07:01 Claudio Jeker:
  bgpd: flowspec & unknown AFI/SAFI are not VPNv6
- - 2025-01-04 08:17 Denis Fondras:
    bgpd: flowspec & unknown AFI/SAFI are not VPNv6
  - - 2025-01-04 16:55 Claudio Jeker:
      bgpd: flowspec & unknown AFI/SAFI are not VPNv6