From: Gabriel Goller <g.goller@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH frr 0/2] Fix leaked EVPN routes having wrong nexthop on IPv4 via IPv6 routes
Date: Fri, 15 May 2026 17:23:55 +0200 [thread overview]
Message-ID: <20260515152400.726794-1-g.goller@proxmox.com> (raw)
When we have a EVPN fabric with IPv6 VTEPs and leak them into the default
routing table (or any other VRF) (via exit-nodes in our case) the nexthop is
wrong. The nexthop is correct in the vrf (e.g. `ip route show vrf vrf_evpn`) but
the import-vrf does not correctly check the BGP MP properties for the IPv6
nexthop and inserts a invalid (0.0.0.0) IPv4 nexthop. The BGP MP properties are
not checked because a legacy bgp flag is set (BGP_ATTR_NEXT_HOP), which
circumvents the BGP MP check.
Fix this by not setting this flag when a IPv6 nexthop is used. Backport an
upstream commit and make another small change on top of it so that this also
works with EVPN routes and not only general BGP MP.
Thanks @HannesL for the quick testing.
@Thomas you can also cherry pick the patches from the other frr series and do a
single bump, or we can apply this patch as-is and think over other series.
frr:
Gabriel Goller (2):
frr: backport #21166 and #21958, fixing EVPN IPv4 routes with IPv6
nexhtop
bump to version 10.6.1-1+pve2
debian/changelog | 6 +
debian/patches/series | 2 +
...R_NEXT_HOP-flag-handling-in-bgp_attr.patch | 149 ++++++++++++++++++
...v6-nexthops-when-importing-EVPN-IPv4.patch | 107 +++++++++++++
4 files changed, 264 insertions(+)
create mode 100644 debian/patches/upstream/0005-bgpd-fix-BGP_ATTR_NEXT_HOP-flag-handling-in-bgp_attr.patch
create mode 100644 debian/patches/upstream/0006-bgpd-preserve-IPv6-nexthops-when-importing-EVPN-IPv4.patch
Summary over all repositories:
4 files changed, 264 insertions(+), 0 deletions(-)
--
Generated by murpp 0.11.0
next reply other threads:[~2026-05-15 15:24 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-15 15:23 Gabriel Goller [this message]
2026-05-15 15:23 ` [PATCH frr 1/2] frr: backport #21166 and #21958, fixing EVPN IPv4 routes with IPv6 nexhtop Gabriel Goller
2026-05-15 16:06 ` Gabriel Goller
2026-05-15 15:23 ` [PATCH frr 2/2] bump to version 10.6.1-1+pve2 Gabriel Goller
2026-05-16 23:59 ` [PATCH frr 0/2] Fix leaked EVPN routes having wrong nexthop on IPv4 via IPv6 routes Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260515152400.726794-1-g.goller@proxmox.com \
--to=g.goller@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.