preserve only manually added ndp table entries in startup config

nsh was mistakenly adding all ndp table entries to startup-config when the configuration was saved with write-config. This results in spurious 'permanent' ndp entries when the written config is loaded. If you find spurious permanent ndp entries on your system these entries must be removed via 'no ndp <IPv6 address>', then use 'write-config' to save the fixed the configuration. Alternatively, remove all lines which set unwanted permanent NDP entries from /etc/nshrc and reboot. Problem reported and fix tested by Tom. ok Tom
yellowman · Oct 9, 2024 · 2177586 · 2177586
1 parent a199218
commit 2177586
Showing 1 changed file with 22 additions and 2 deletions.
diff --git a/ndp.c b/ndp.c
@@ -756,8 +756,6 @@ conf_ndp(FILE *output, char *delim)
 		rtm = (struct rt_msghdr *)next;
 		if (rtm->rtm_version != RTM_VERSION)
 			continue;
-		if (!(rtm->rtm_flags & RTF_HOST))
-			continue;
 		conf_ndp_entry(output, delim, rtm);
 	}
 	freertdump(rtdump);
@@ -769,13 +767,35 @@ conf_ndp_entry(FILE *output, char *delim, struct rt_msghdr *rtm)
 {
 	struct sockaddr_in6 *sin6;
 	struct sockaddr_dl *sdl;
+	static struct in6_nbrinfo *nbi;
+
+	/* Ignore entries which describe routes to networks. */
+	if (!(rtm->rtm_flags & RTF_HOST))
+		return;
+
+	/*
+	 * Ignore local entries. These correspond to addresses configured
+	 * on our network interfaces, and will already be preserved in case
+	 * of static IPs, and should not be preserved for dynamic IPs.
+	 */
+	if (rtm->rtm_flags & RTF_LOCAL)
+		return;
 
 	sin6 = (struct sockaddr_in6 *)((char *)rtm + rtm->rtm_hdrlen);
 	in6_fillscopeid(sin6);
 	sdl = (struct sockaddr_dl *)((char *)sin6 + ROUNDUP(sin6->sin6_len));
 	if (sdl->sdl_family != AF_LINK)
 		return;
 
+	/* Skip table entries for addresses learned via NDP protocol. */
+	nbi = getnbrinfo(&sin6->sin6_addr, sdl->sdl_index, 0);
+	if (nbi == NULL || nbi->expire != 0)
+		return;
+
+	/*
+	 * This is a 'permanent' non-local entry. We assume this entry
+	 * was manually added to the NDP table, and should be preserved.
+	 */
 	fprintf(output, "%s%s %s", delim, routename6(sin6), ether_str(sdl));
 	if (rtm->rtm_flags & RTF_ANNOUNCE)
 		fputs(" proxy", output);