-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue in IPv4 prefix length verification for RFC8950 #130
Comments
I guess it's worthwhile to add (regression) test scenarios to E.g. AS1 could try to announce 1.0.0.0/8 which should be accepted and 1.0.0.0/25 which should be rejected with cause 13. |
From @agbcix > When a peer is configured for RFC8950 support, the prefix length is checked for the IPv6 limits only. > This will permit too long IPv4 (up to /48) prefixes and will reject short IPv4 (< /12) prefixes. > I guess it's worthwhile to add (regression) test scenarios to tests/live_tests/scenarios/rfc8950/base.py. > E.g. AS1 could try to announce 1.0.0.0/8 which should be accepted and 1.0.0.0/25 which should be rejected with cause 13.
Thanks a lot for reporting this bug. It is being addressed in the issue130_ipv4_prefix_length_check_with_rfc8950 branch, where I've also merged your proposed solution with a change to avoid code duplication. |
I've just merged the branch into master and triggered the CI/CD pipeline. If everything goes well, we'll have v1.22.1 out with the fix in a couple of hours or in the worst case by tomorrow. |
When a peer is configured for RFC8950 support, the prefix length is checked for the IPv6 limits only.
This will permit too long IPv4 (up to /48) prefixes and will reject short IPv4 (< /12) prefixes.
The text was updated successfully, but these errors were encountered: