From 1073e84a7cd9ef99a547ba7868c14741cc37402c Mon Sep 17 00:00:00 2001
From: Carlos Goncalves
Date: Thu, 21 Sep 2023 14:20:58 +0200
Subject: [PATCH] Resolves: RHEL-11664 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output
Signed-off-by: Carlos Goncalves
---
0013-bgpd-maxttl-ebgp-multihop.patch | 94 ++++++++++++++++++++++++++++
frr.spec | 6 +-
2 files changed, 99 insertions(+), 1 deletion(-)
create mode 100644 0013-bgpd-maxttl-ebgp-multihop.patch
diff --git a/0013-bgpd-maxttl-ebgp-multihop.patch b/0013-bgpd-maxttl-ebgp-multihop.patch
new file mode 100644
index 0000000..d9f1a6a
--- /dev/null
+++ b/0013-bgpd-maxttl-ebgp-multihop.patch
@@ -0,0 +1,94 @@
+From 5f877bb51d44ba56dcbb5067ee9eedae27591a7c Mon Sep 17 00:00:00 2001
+From: Donatas Abraitis
+Date: Mon, 21 Aug 2023 00:01:42 +0300
+Subject: [PATCH] bgpd: Do not explicitly print MAXTTL value for ebgp-multihop
+ vty output
+
+1. Create /etc/frr/frr.conf
+```
+frr version 7.5
+frr defaults traditional
+hostname centos8.localdomain
+no ip forwarding
+no ipv6 forwarding
+service integrated-vtysh-config
+line vty
+router bgp 4250001000
+ neighbor 192.168.122.207 remote-as 65512
+ neighbor 192.168.122.207 ebgp-multihop
+```
+
+2. Start FRR
+`# systemctl start frr
+`
+3. Show running configuration. Note that FRR explicitly set and shows the default TTL (225)
+
+```
+Building configuration...
+
+Current configuration:
+!
+frr version 7.5
+frr defaults traditional
+hostname centos8.localdomain
+no ip forwarding
+no ipv6 forwarding
+service integrated-vtysh-config
+!
+router bgp 4250001000
+ neighbor 192.168.122.207 remote-as 65512
+ neighbor 192.168.122.207 ebgp-multihop 255
+!
+line vty
+!
+end
+```
+4. Copy initial frr.conf to frr.conf.new (no changes)
+`# cp /etc/frr/frr.conf /root/frr.conf.new
+`
+5. Run frr-reload.sh:
+
+```
+$ /usr/lib/frr/frr-reload.py --test /root/frr.conf.new
+2023-08-20 20:15:48,050 INFO: Called via "Namespace(bindir='/usr/bin', confdir='/etc/frr', daemon='', debug=False, filename='/root/frr.conf.new', input=None, log_level='info', overwrite=False, pathspace=None, reload=False, rundir='/var/run/frr', stdout=False, test=True, vty_socket=None)"
+2023-08-20 20:15:48,050 INFO: Loading Config object from file /root/frr.conf.new
+2023-08-20 20:15:48,124 INFO: Loading Config object from vtysh show running
+
+Lines To Delete
+===============
+router bgp 4250001000
+ no neighbor 192.168.122.207 ebgp-multihop 255
+
+Lines To Add
+============
+router bgp 4250001000
+ neighbor 192.168.122.207 ebgp-multihop
+```
+
+Closes https://github.com/FRRouting/frr/issues/14242
+
+Signed-off-by: Donatas Abraitis
+(cherry picked from commit 767aaa3a80489bfc4ff097f932fc347e3db25b89)
+---
+ bgpd/bgp_vty.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c
+index b80d5f69ddce..4bcb17714a97 100644
+--- a/bgpd/bgp_vty.c
++++ b/bgpd/bgp_vty.c
+@@ -16940,8 +16940,12 @@ static void bgp_config_write_peer_global(struct vty *vty, struct bgp *bgp,
+ && !(peer->gtsm_hops != BGP_GTSM_HOPS_DISABLED
+ && peer->ttl == MAXTTL)) {
+ if (!peer_group_active(peer) || g_peer->ttl != peer->ttl) {
+- vty_out(vty, " neighbor %s ebgp-multihop %d\n", addr,
+- peer->ttl);
++ if (peer->ttl != MAXTTL)
++ vty_out(vty, " neighbor %s ebgp-multihop %d\n",
++ addr, peer->ttl);
++ else
++ vty_out(vty, " neighbor %s ebgp-multihop\n",
++ addr);
+ }
+ }
+
diff --git a/frr.spec b/frr.spec
index 6875ba4..7caecdc 100644
--- a/frr.spec
+++ b/frr.spec
@@ -7,7 +7,7 @@ Name: frr Version: 8.3.1 -Release: 10%{?checkout}%{?dist} +Release: 11%{?checkout}%{?dist} Summary: Routing daemon License: GPLv2+ URL: http://www.frrouting.org
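Review bot: With the new `else` branch in bgp_config_write_peer_global (the bgp_vty.c change carried by 0013-bgpd-maxttl-ebgp-multihop.patch), a peer configured explicitly as `ebgp-multihop 255` is now written back as the bare `neighbor %s ebgp-multihop`. The round-trip mismatch shown in the commit message may therefore simply move to that spelling, unless frr-reload.py normalises the two forms, which is not visible here. Configuration audits or compliance checks that match on the literal `ebgp-multihop 255` will also stop matching the widest TTL setting in the written config, so they need to treat the bare keyword as MAXTTL. A short comment above the branch would record the intent, e.g. `/* bare "ebgp-multihop" means MAXTTL; omit the value so the written config matches what was entered */`. The function body starts and ends outside the hunk.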
@@ -75,6 +75,7 @@ Patch0009: 0009-CVE-2022-36440-40302.patch Patch0010: 0010-CVE-2022-43681.patch Patch0011: 0011-CVE-2022-40318.patch Patch0012: 0012-bfd-not-working-in-vrf.patch +Patch0013: 0013-bgpd-maxttl-ebgp-multihop.patch %description FRRouting is free software that manages TCP/IP based routing protocols. It takes @@ -280,6 +281,9 @@ make check PYTHON=%{__python3} %endif %changelog +* Thu Sep 21 2023 Carlos Goncalves - 8.3.1-11 +- Resolves: RHEL-2263 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output + * Thu Aug 10 2023 Michal Ruprich - 8.3.1-10 - Related: #2216912 - adding sys_admin to capabilities
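Review bot: The %changelog entry added in the last frr.spec hunk reads `Resolves: RHEL-2263`, while the commit subject reads `Resolves: RHEL-11664`. One of the two ticket ids is presumably wrong, and the mismatch breaks traceability from the 8.3.1-11 package release back to the issue it fixes. Use the same id in both places, whichever is the correct one.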